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Back-up  plan 


The  Fed  modifies  but  presses  on  with 


disaster-recovery  rules  for  big  financial  firms.  PAGE  8 


Compressed  time  Adding  data  compression 

to  your  WAN  links  can  result  in  a  fast  payback.  PAGE  22 
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Storage 


appliances 

provide  a  last  1 
line  of  defense 
against  attackers 
by  encrypting  stored 

'‘‘Page 

SwapDrive  is  using  a  storage 
security  appliance  to  protect  20  < 

terabytes  of  data  and  generate 
new  business.  t 


STEVE  DITKO 


3Com  taps  Huawei 
for  ‘comeback’  try 


■  BY  PHIL  HOCHMUTH 

Tliree  years  after  it  quit  the 
high-end  LAN  core  market, 
3Com  this  week  is  set  to  rejoin 
the  fray  with  its  first  backbone 
switch  based  on  technology 
from  its  joint  venture  partner  — 
embattled  data  communications 


vendor  Huawei  Technology. 

At  the  CeBit  America  confer¬ 
ence  in  New  York,  3Com  is 
expected  to  announce  its  Switch 
7700,  a  seven-slot  Layer  3  modu¬ 
lar  LAN  switch,  targeted  at  large 
companies  requiring  features 
such  as  high-density  Gigabit 
See  3Com,  page  60 
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HE  LOW  COST  MOVE  IS  ON. 


♦ Sun 

microsystems 
We  make  the  net  work. 


Merger  mania? 

Not  yet  but . . . 

■  BY  JOHN  FONTANA 

The  flurry  of  technology  indus¬ 
try  wheeling  and  dealing  over 
the  past  weeks  might  be  a  pre¬ 
cursor  to  more  significant  mer- 
ger-and-acquisition  activity,  ac¬ 
cording  to  experts. 

This  analysis  is  being  stoked  by 
deals  involving  the  triangle  of 
Oracle,  PeopleSoft  and  J.D.  Ed¬ 
wards,  along  with  other  aggres¬ 
sive  moves  launched  by  Mercury 
Interactive,  Microsoft  and  Palm. 

Oracles  $5.1  billion  bid  for 
PeopleSoft  and  PeopleSoft ’s  $1.7 
billion  offer  for  J.D.  Edwards  are 
being  called  not  only  marquee 
events,  but  also  signals  that  it’s 
OK  to  deal  if  opportunities  and 
prices  are  right. 

“A  lot  of  big  and  small  public 
companies  have  stabilized  and 
are  now  back  in  the  market 

See  Mergers,  page  61 


Let’s  make  a  deal 


While  the  number  of  mergers  and  acquisitions  in  the 
network/IT  industry  is  down,  their  publicly  disclosed 
value  is  up. 


Number 
of  deals 


3,226 


Average  valuation  per 
deal  for  which  terms 
have  been  disclosed. 

2002  2003* 

$53M  $96.8M 

'through  6/9 
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1998  1999  2000  2001  2002  2003 

(through  6/9) 

SOURCE:  FACTSET  MERGERSTAT 


WLANs  scale,  just  not  easily 

Building  the  biggest  can  present  a  variety  of  technical  challenges. 


BY  JOHN  COX 


Bill  Gates  decided  in 
1999  that  it  was  time  for 
Microsoft  to  get  serious 
about  wireless  LANs.  At 
a  public  CEO  summit,  he  an¬ 
nounced  that  the  software  maker 
would  have  a  wireless  network 
blanketing  its  Redmond,  Wash., 
campus  within  12  months. 


Thinking 
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WLANs 

First  of  two  parts 


That  announcement 
sent  the  company’s  Op¬ 
erations  and  Technol¬ 
ogy  Group  scrambling. 

Today,  there  are  about 
2,500  Cisco  Aironet 
points  at  headquarters 
and  another  1,200  worldwide, 
making  Microsoft’s  WLAN  rollout 
one  of  the  largest. 

But  networks  of  this  size  are 


access 


still  uncommon,  and  for  good 
reason: They’re  a  lot  of  work. 

That’s  the  verdict  from  network 
professionals  who’ve  built  them. 
If  you’re  thinking  about  rolling 
out  a  big  WLAN,  they  say,  be  pre¬ 
pared  for  a  project  that  will  rival, 
if  not  surpass,  in  complexity  and 
detail  any  LAN  you’ve  built. 

Cut  corners  and  you’ll  end  up 
See  WLAN,  page  12 
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Can  allocate  resources  to  energize  major  workloads.  On  demand. 


Introducing  the  new  IBM  eServer  zSeries®  990. 

Meet  the  newest  eServer  zSeries  system  -  the  ultimate  IBM  mainframe  for 
on  demand  business.  The  human  body  senses  and  responds.  So  does 
the  z990.  It's  designed  to  allocate  resources  dynamically.  Run  hundreds 
of  Linux®  and  mainframe  applications  simultaneously.  The  z990  can 
improve  flexibility  and  efficiency.  On  demand.  For  a  free  CD  of  zSeries 
white  papers,  customer  references  and  more,  head  to  the  URL  below. 

Can  you  see  it?  See  it  at  ibm.com/eserver/z990 


Compared  to  the  z900,  the  new 
zSeries  990  offers:1 

•  Up  to  60%  improved  performance 

•  Almost  3  times  more  system  capacity 

•  4  times  more  memory 

•  2  times  more  virtual  servers 


Riley’s  band  took  second  place 
in  a  battle  of  the  bands  contest. 
They  won  some  hair  gel 
and  a  Neil  Diamond  album. 
Keep  on  rockin’,  Riley. 
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RETINA®  The  #1  Rated  Network  Security  Scanner 

Superior  Vulnerability  Assessment  &  Remediation 


Would  you  trust  the  security  of  your  network  to  anyone  but  the  industry  leader?  Introducing 
Retina,  the  industry's  #1  rated  vulnerability  assessment  solution  from  eEye  Digital  Security. 
Retina  uses  non-intrusive  tests  to  assess  your  network,  accurately  identify  weakness  and 
provide  comprehensive  detail  to  enable  complete  remediation.  Take  control  of  your  network  and 
let  Retina  simplify  your  risk-reduction  process.  Because  nothing  beats  number  one. 


FREE  RETINA  Trial  Version  and  Whitepaper:  www.eeye.com/demo 
or  Call  1.866.282.8276  For  More  Information 


eEye  Digital  Security 


Vulnerability  is  over. 
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Technology  Insider:  Storage 

If  a  firewall  provides  perimeter  defense, 
storage  security  appliances  protect  data 
at  the  network  core.  These  devices  pro¬ 
tect  data  at  rest  or  moving  across  the 
network.  Page  39. 
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SwapDrive  has  deployed  Decru's  DataFort 
to  protect  data  and  to  create  new  busi¬ 
ness  opportunities.  Page  42. 


STEVE  DITKO 


Infrastructure 

■  17  MobileAccess  melds  cellular, 
WLAN  nets. 

■  17  Nokia  supports  SSL  remote 
access. 

■  19  Dave  Kearns:  Bug 

reporting  proposal  lacks  bite. 

■  22  Special  Focus:  Network 
traffic:  Applying  data  compression. 

Enterprise 

Applications 

■  25  Software  eases  remote- 
access  management. 

■  25  Wyse  bulks  up  desktop 
management  package. 

■  28  IBM  adds  database  support 
to  Risk  Manager. 

■  28  Scott  Bradner:  Non¬ 
numeric  numbers. 


Technology  Update 

■  33  VPLS  removes  complexity 
from  network. 

■  33  Steve  Blass:  Ask  Dr. 

Internet. 

■  34  Mark  Gibbs:  Python 
wrap-up. 

■  34  Keith  Shaw:  Vendors 
launch  bevy  of  projectors. 

Opinions 

■  36  Editorial:  Experts  help 
squeeze  deals  out  of  carriers. 

■  37  Daniel  Blum:  SAML, 
Liberty  offer  identity  gains. 

■  37  Thomas  Nolle:  Evolution 
by  absorption. 

■  62  BackSpin:  Unintended 
consequences. 

■  62  'Net  Buzz:  ActiveWords 
saves  time  keystroke  by  keystroke. 


Service  Providers 

■  31  C&W  customers  wait  to 
learn  their  fate. 

■  31  Alcatel  acquisition  debuts 
with  edge  routers. 

■  32  Johna  Till  Johnson: 

Carriers  need  to  get  in  tune  with  IP 
telephony. 


Management 

Strategies 

■  44  What's  in  a  name?  IT  job 
titles  are  becoming  less  specific  in 
favor  of  more  generic  titles  tied  to 
business. 


The  HC2  projector 
is  one  of  many  pro¬ 
jectors  launched 
recently. 

Page  34. 


NetworkWorUfusion  MngNews 

www.nwfusion.com  Come  online  for  exclusive  breaking  news  every  day. 

DocFinder:  6342 


Interactive 

Forum:  The  difficulties  of  VoIP 

Is  it  harder  to  integrate  than  vendors  let  on?  DocFinder:  6346 
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Don’t  be  overwhelmed  by  storage  demands! 

Join  storage  expert  Steve  Duplessie  and  leading  industry  vendors  for 
Network  World's  Storage  Technology  Tour,  "Shoring  Up  Your  Enterprise 
Strategy."  In  just  one  day,  create  a  storage  strategy  that  includes 
selecting  the  right  hardware  and  software,  planning  your  rollout,  and 
managing  and  monitoring  your  storage  network.  Reserve  your  seat 
today.  DocFinder:  4937 
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<g>  Make  way  for  wireless.  By  a  vote  of  408  to  10.  the  ll.S.  House 
of  Representatives  last  week  created  a  trust  fund  to  help  defray  costs  of  moving 
federal  agencies  to  another  wireless  band  so  that  the  spectrum  they  currently 
use  could  be  freed  up  for  commercial  use. 

//}  Clancy  on  computers.  In  giving  the  keynote  addresss  for  the 
recent  Gartner  Security  Summit  conference  in  Washington.  D.C., 
best-selling  novelist  Tom  Clancy,  author  of  The  Hunt  for  Red 
October  and  other  international  thrillers,  told  the  audience  of  IT 
security  professionals:  "I'm  supposed  to  be  the  king  of  high 
tech.  But  I  don't  know  how  computers  work."  < 


BRIAN  GAIDRY 


Sickly  financials.  Telecom  equipment  companies  such  as  Motorola 
and  Nokia,  which  sell  plenty  of  products  into  Asia,  last  week  cited  the  likely 
negative  impact  of  SARS  on  their  current  financial  performance. 


J.D.  Edwards  sues  Oracle  over  deals 


■  J.D.  Edwards  last  week  filed  two  lawsuits  against  Oracle  seek¬ 
ing  damages  and  an  order  that  will  block  Oracle’s  bid  for 
PeopleSoft.J.D.  Edwards  filed  suit  in  a  Colorado  state  court  claim¬ 
ing  Oracle  interfered  with  its  proposed  merger  with  PeopleSoft. 
The  Denver  company  is  seeking  $1.7  billion  in  compensatory 
damages  and  an  unspecified  amount  in  punitive  damages. 
Another  lawsuit  by  J.D.  Edwards  was  filed  in  a  California  state 
court  against  Oracle  and  two  of  its  executives:  Chairman  and 
CEO  Larry  Ellison  and  Executive  Vice  President  Chuck  Phillips. 
J.D.  Edwards  alleges  that  they  engaged  in  wrongful  conduct  and 
unfair  business  practices,  and  seeks  an  order  to  block  Oracle’s 
hostile  bid  for  PeopleSoft.  The  lawsuits  are  the  latest  twists  in  a 
nasty  battle  over  Oracle’s  attempted  takeover  of  PeopleSoft,  a 
major  competitor  in  the  enterprise  applications  market. The  law¬ 
suits  come  days  after  Oracle  said  PeopleSoft  backed  off  from  its 
own  effort  to  take  Oracle  to  court.  Oracle  launched  a  takeover 
bid  for  PeopleSoft  on  June  6,  just  after  PeopleSoft’s  June  2 
announcement  that  it  had  agreed  to  buy  J.D.  Edwards. 

FTC  looks  to  get  tougher  on  spam 

■  The  Federal  Trade  Commission  last  week  asked  Congress  for  greater  powers  to  fight 
spam,  including  the  ability  to  require  ISPs  to  turn  over  complaints  about  their  cus¬ 
tomers.  FTC  commissioners  championed  the  expanded  powers  as  a  way  to  prosecute 
spammers  based  outside  the  U.S.,  but  other  witnesses  raised  privacy  and  due-process 

COMPENDIUM 

Wireless  LAN  from  coast  to  coast 

The  goal  of  the  LanLinkup  project  is  to  create  national  network  consisting  entirely  of 
Wi-fi  devices  talking  to  each  other  directly,  instead  of  via  the  Internet.  “A  successful 
test  of  this  experiment  will  be  to  ping  remote  hosts  the  fartherest  that  is  possible.” 

You  ’ll  get  plenty  of  stuff  you  have  to  see  every  day,  even  Monday,  in 
Compendium,  unvw.nivfusion.com,  DocFinder:  6344. 


concerns.  Representatives  of  Verizon  and  the  Electronic  Privacy  Information  Center 
said  they  supported  the  FTC’s  ideas  for  fighting  spam  but  objected  to  specific  pieces 
of  the  proposal. 

Microsoft  acquires  anitvirus  vendor 

■  Microsoft  last  week  said  it  intends  to  acquire  Romanian  antivirus  software  vendor 
GeCAD  Software  for  an  undisclosed  price  with  the  intention  of  offering  antivirus  software 
and  subscription  services  in  the  future.  Largely  unknown  in  the  U.S.,  GeCAD  Software 
makes  the  FL\V  AntiVirus  line  of  products  for  Windows  and  Linux  operating  systems  and 
applications.  Microsoft’s  senior  director  in  the  security  business  unit,  Jonathan  Perera.said 
Microsoft  wants  to  make  use  of  GeCAD’s  antivirus  engine  and  signature-updating  tech¬ 
nology  Consultancy  Spire  Security  predicted  the  GeCAD  acquisition  also  will  give 
Microsoft  a  foundation  for  patch-management  updates  and  antivirus  signature  updates. 

AOL  inches  closer  to  IM  interoperability 

■  AOL  Time  Warner  last  week  took  another  step  toward  interoperability  between  instant¬ 
messaging  clients  by  forming  a  partnership  with  IMlogic,  which  develops  software  to 
secure,  log  and  audit  traffic  generated  by  instant-messaging  clients  from  AOL,  Yahoo, 
Jabber,  Microsoft  and  IBM/Lotus.  IMlogic’s  IM  Manager,  however,  stops  short  of  letting 
instant-messaging  clients  from  those  vendors  talk  to  one  another.  IMlogic  is  the  first  third- 
party  management  platform  in  its  AOL  Instant  Messaging  Certified  Partner  Program, 
launched  last  year.  AOL  says  it  hopes  to  use  the  relationship  to  develop  other  corporate 
instant-messaging  applications  and  gain  a  foothold  in  corporate  accounts.  The  partner¬ 
ship  comes  after  AOLs  recent  announcement  of  an  agreement  to  discuss  with  rival 
Microsoft  if  the  two  could  establish  interoperability  between  their  instant-messaging  ser¬ 
vices.  Also  last  week,  the  Internet  Engineering  Task  Force  accepted  final  proposals  to  cre¬ 
ate  an  instant-messaging  standard,  including  a  submission  by  AOL  to  the  IETF. 

SCO  reiterates  ultimatum  to  IBM 

■  The  SCO  Group  is  threatening  to  revoke  its  license  to  IBM  for  the  use  of  Unix  this  week, 
sticking  to  the  ultimatum  it  set  when  it  sued  Big  Blue  in  March.  AIX  is  IBM’s  flavor  of  Unix, 
but  SCO  owns  the  rights  to  some  elements  of  Unix.  Revoking  the  license  would  invalidate 
all  AIX  customer  licenses,  so  users  of  the  software  would  be  operating  with  an  invalid 
license, according  to  SCO.  AIX  is  sold  with  IBM's  pSeries  servers  and  other  products.  Unless 
IBM  corrects  the  wrongdoing  charged  by  SCO  or  settles  the  case,  SCO  intends  to  revoke 
the  license  it  sold  to  IBM  and  weigh  its  further  legal  options, an  SCO  spokesman  says. SCO 
sued  IBM  in  March,  charging  that  IBM  used  proprietary  Unix  code  for  the  open  source 
Linux  operating  system, violating  the  Unix  license  agreement.SCO  seeks  at  least  $1  billion 
in  damages  and  set  a  100-day  deadline  for  IBM  to  cease  its  “anticompetitive”  practices.  IBM 
denies  the  charges  brought  by  SCO  and  does  not  believe  its  license  can  be  revoked. 
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Fed  holds  firm  on  bank  requirements 

Disaster- recovery  procedures  at  heart  of  regulations. 


■  BY  ELLEN  MESSMER 

The  Federal  Reserve  is  pressing 
on  with  plans  to  force  the  largest 
financial  institutions  to  improve 
back-up  and  data-recovery  pro¬ 
cedures  to  guard  against  a 
repeat  of  the  disruptions  in  mon¬ 
etary  exchanges  that  occurred 
after  the  Sept.  1 1  terrorist  attacks. 

However,  the  Federal  Reserve 
also  is  tabling  further  talk  of  a 
controversial  distance  require¬ 
ment  —  perhaps  300  miles  — 
between  primary  and  back-up 
facilities.  That  idea  caught  the 
attention  of  New  York’s  political 
establishment,  which  com¬ 
plained  bitterly  that  it  would 
drive  thousands  of  jobs  out  of  a 
financial  district  that  already  suf¬ 
fered  the  brunt  of  those  attacks 
almost  two  years  ago. 

“Instead  of  the  300-mile  limit, 
we’re  asking  them  to  look  at 
whether  they’re  on  the  same 
[electric]  power  grid,  water  or 
telecommunications  grid  with 
the  primary  and  back-up  facili¬ 
ties,”  says  Steve  Malphrus,  CIO  of 
the  Board  of  Governors  and 
director  of  management  at  the 
Federal  Reserve  System. 

Secret  list 

Malphrus  says  the  Federal 
Reserve  is  putting  together  a 
secret  list  of  financial  institutions 
—  primarily  based  on  size  and 
market  influence  —  that  will  have 
to  follow  the  new  guidelines. The 
list  is  secret  because  it  contains 
sensitive  information  with  nation¬ 
al  security  implications.  He  says 
the  Federal  Reserve  is  not  going 
to  let  these  larger  institutions 
have  primary  data  center  opera¬ 
tions  and  backup  depend  on  the 
same  telecom  offices,  water  and 
electricity  supplies,  and  perhaps 
transportation  hubs. 

Malphrus  says  two-hour  recov¬ 
ery  time  in  a  crisis  is  reasonable 
to  expect  from  the  most  impor¬ 
tant  financial  institutions  process¬ 
ing  core  settlements  that  have  to 
be  done  to  keep  the  banking  sys¬ 
tem  up  and  going.They  have  got 
to  prove  to  us  they  are  not  on  the 
same  power,  telecommunica¬ 
tions,  water  and  transportation  for 
their  backup,”  he  emphasizes. 

Aspects  of  the  Federal  Reserves 
plan,  undertaken  with  the 
Securities  and  Exchange  Com¬ 
mission  and  the  Treasury’s  Office 
of  the  Comptroller  of  the  Cur¬ 
rency.  are  summarized  in  a  docu¬ 
ment  published  in  April  at 


www.sec.gov  called  the  “Inter¬ 
agency  Paper  on  Sound  Practices 
to  Strengthen  the  Resilience  of 
the  U.S.  Financial  System.” 

“This  continues  to  be  controver¬ 
sial,”  says  John  Carlson,  senior 
director  at  Bits,  the  technical  arm 
of  the  industry  trade  group 
Financial  Services  Roundtable, 
which  has  about  100  members, 
including  the  nation’s  largest 
banks,  Citigroup,  J.P  Morgan 
Chase  &  Co., Wells  Fargo  &  Co. and 
Wachovia. 

Carlson  says  many  of  the  larger 
banks  are  worried  that  they  will 
end  up  on  the  Federal  Reserve’s 
secret  list  of  organizations  re¬ 
quired  to  conform  to  new  disas¬ 
ter-recovery  guidelines  while 
their  closest  competitors  won’t. 
“It’s  become  a  competitiveness 
issue  because  there  will  be  costs 
involved  in  this,”  he  notes. 

Bits  members  would  like  to  see 
federal  regulators  give  approval 
to  foreign  sites  for  backup  and  re¬ 
covery  because  many  larger 
organizations  maintain  large  data 
processing  sites  abroad  and 
domestically.  Bits  also  is  urging 
regulators  to  address  the  role  the 
nation’s  telecom  industry  can 
play  in  fostering  improved  disas¬ 
ter  recovery  by  improving  net¬ 
work  redundancy 

Behind  closed  doors 

Later  this  summer,  Bits  and 
some  of  its  members,  including 
Bank  of  America,  will  meet  be¬ 
hind  closed  doors  with  Ameri- 
tech  and  other  carriers  in  a  dis¬ 
cussion  that  also  will  include 
the  federal  crisis  management 
group  National  Communica¬ 
tions  System. 

“This  will  be  about  circuits  and 
how  they’re  maintained,”  Carlson 
says.  “We  want  to  know  about 
[network]  dependencies  and 
perhaps  have  new  facilities  built 
or  new  technologies  used.”  He 
says  this  is  the  first  time  the  carri¬ 
ers  will  share  this  kind  of  sensitive 
proprietary  information  with  the 
banking  industry. 


Corrections 


■  In  the  story  "Start-up  hopes 
to  ease  WLAN  config"  (June  9, 
2003,  page  8)  the  CEO  of 
Propagate  should  have  been 
listed  as  Gary  Vacon. 


Bones  of  contention 


The  Federal  Reserve  is  draw¬ 
ing  up  disaster-recovery 
guidelines  for  banks. 


• 

Largest  institutions  will  be  held 
to  toughest  disaster-recovery 
guidelines,  so  banks  are  worried 
their  closest  competitors  might 
be  excluded  while  they  pay 
dearly. 

• 

Some  argue  that  fastest  data 
recovery  will  rely  on  synchro¬ 
nous  processing,  but  that  might 
limit  the  technology’s  use  to 
about  25  miles. 

• 

Proposed  recovery  times  of 
two  to  four  hours  might  be 
impractical. 

• 

Industry  worries  regulators 
underestimate  role  of  telecom 
providers  in  ensuring  no  single 
point  of  network  failure. 

The  Federal  Reserve  has  de¬ 
fused  some  of  the  controversy 
surrounding  its  unfolding  disas¬ 
ter-recovery  guidelines  by  push¬ 
ing  out  the  deadline  to  make 
changes  from  one  year  to  three 
years  in  some  cases,  instead  of 
the  originally  proposed  six 
months. 

But  smaller  banks  and  broker¬ 
ages  —  all  of  which  are  also  sub¬ 
ject  to  periodic  security  audits  by 
a  host  of  regulatory  authorities  — 


■  BY  JIM  DUFFY 

Covad  Communications  last 
week  announced  it  is  acquiring 
approximately  23,000  out-of- 
region  business  DSL  customers 
from  Qwest  for  $3.75  million. The 
customers  will  be  offered  similar 
Covad  business-class  services. 

Qwest  says  it  is  selling  the  busi¬ 
ness  as  part  of  an  effort  to  identi¬ 
fy  profitable  revenue  opportuni¬ 
ties.  Covad,  meanwhile,  says  the 
Qwest  business  represents  a  sig¬ 
nificant  growth  opportunity  for 
Covad,  which  operates  a  nation¬ 
wide  network. 

However,  some  analysts  view 
the  transaction  negatively 

“Everyone  loses,  if  only  a  little,” 
Brian  Washburn  of  Current 
Analysis  said  in  a  report. “Qwest 
is  pulling  the  plug  on  national 


shouldn’t  think  they’re  off  the 
hook  in  terms  of  new  regulation. 

That’s  because  the  Federal 
Financial  Institutions  Examin¬ 
ation  Council  (FFIEC),  an  inter¬ 
agency  group  that  supervises 
examination  of  financial  institu¬ 
tions,  is  in  the  midst  of  issuing 
the  most  sweeping  set  of 
changes  to  security  auditing 
rules  since  1996. 

So  far,  FFIEC  has  issued  three  so- 
called  IT  Examination  Handbook 
“booklets”  (which  have  hundreds 
of  pages)  in  the  past  few  months 
to  replace  guidelines  that  were  in 
place  before  the  Internet,  online 
banking  and  the  Web  became  im¬ 
portant.  They  are  titled  “Informa¬ 
tion  Securityf'Business  Continuity 
Planning”  and  “Supervision  of 
Technology  Service  Providers,” 
which  details  how  federal  exam¬ 
iners  will  evaluate  independent 
data  centers  and  other  technolo¬ 
gy  providers  assisting  banks  in 
processing  transactions. 

Some  new  demands  from  regu¬ 
lators  concern  use  of  technolo¬ 
gies  largely  unknown  a  decade 
ago.  For  instance,  financial  institu¬ 
tions  are  expected  to  use  intru¬ 
sion-detection  systems  and  be 
prepared  to  respond  and  preserve 
evidence  related  to  use  of  IDS. 

The  FFIEC  is  expected  to  issue 
about  a  half-dozen  other  hand¬ 
books  on  new  security  guidelines 
by  year-end.  ■ 


business  services  via  DSL, 
increasingly  a  focus  of  its  big 
three  [interexchange  carrier] 
competitors.  Covad,  which  is  in 
no  position  to  make  payouts,  is 
putting  down  millions  to 
acquire  customers  it  already 
served  on  a  wholesale  basis. 
Covad  also  loses  Qwest’s  finan¬ 
cial  commitments,  and  the 
Qwest  brand  name  as  a  partner. 
Customers  lose  their  carrier  of 
choice  in  this  forced  switch.” 

Most  affected  customers  are 
located  in  Alabama,  California, 
Connecticut,  Delaware,  Florida, 
Georgia,  Illinois,  Indiana,  Kansas, 
Louisiana,  Maryland,  Massachu¬ 
setts,  Michigan,  Missouri,  New 
Hampshire,  New  Jersey,  New  York, 
Nevada,  North  Carolina,  Ohio, 
Pennsylvania,  Rhode  Island, Texas 
and  Wisconsin.  ■ 
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Covad  snaps  up  Qwest 
DSL  customers 


To  me,  success  is  a  35  minute  lunch. 


At  a  restaurant,  not  my  desk. 


Means  I'm  not  wasting  time  doing  the 


same  data  management  task  again  and 


again  and  algain  and. ..well, you  get  it. 


Save  the  day. 


Consolidate  your  work  by  consolidating  data  from  all  your  different  systems.  One  way  is  with  a  V2X  Shared  Virtual  Array  "subsystem 
and  SnapVantage’”  software  to  unite  all  your  Linux  virtual  servers.  Or  an  L5500  automated  tape  library  and  T9940B  tape  drive.There 
are  other  ways,  too.  We'll  help  find  the  one  that's  best.  So  storage  administration  takes  a  smaller  bite  out  of  your  day.  Learn  more 
about  this  story  and  other  ways  we  can  help  you  at  www.savetheday.com  STORAC ETE K’  Save  the  Day.” 
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Toshiba  set  to  combine  Wi-Fi  and  VoIP 


■  BY  PHIL  HOCHMUTH 

Toshiba  is  expected  to  soon 
launch  a  Wi-Fi  voice-over-IP  prod¬ 
uct  portfolio  aimed  at  bringing 
converged  voice/data  applica¬ 
tions  to  laptops  and  PDAs  in  large 
organizations. 

Toshiba’s  Media  Communi¬ 
cation  System  (MCS)  product 
family  includes  server  and  appli¬ 
ance  hardware  for  deploying 
PBX/VoIP  integration  and  wire¬ 
less  authentication,  quality  of  ser¬ 
vice  (QoS)  and  roaming  in  a 
company  with  an  existing  Ether¬ 
net  LAN  and  802.11  infrastruc¬ 
ture.  The  system  could  be  used  to 
add  Toshiba-based  softphone 
clients  to  an  existing  PBX  net¬ 
work,  while  letting  clients  access 
converged  wireless  applications, 
Toshiba  says. 

Toshiba  has  been  a  leader  in 
mobile  laptops  and  PDA  devices, 
but  it  has  had  relatively  low-pro¬ 
file  businesses  in  PBXs,  Intel 
servers,  VoIP  and  Wi-Fi  access 
point  business  in  the  U.S., Gemma 
Paulo,  an  analyst  at  In-stat/MDR 
says.“Now  it  looks  like  Toshiba  is 
trying  to  combine  some  of  these 
various  product  areas  and  offer 
something  that  no  other  vendors 
have  put  together^  she  says. 

The  company  says  customers  in 
the  manufacturing,  medical  and 
retail  markets  could  benefit  from 


MCS. The  MCS  platform  will  com¬ 
pete  with  products  from  Avaya, 
Cisco,  Nortel,  SpectraLink,  and 
Symbol  Technologies. 

MCS  consists  of  Intel/Red  Hat 
Linux-based  servers  and  appli¬ 
ances,  which  control  a  variety  of 
functions  on  an  802.1 1-based 
wireless  LAN  (WLAN)  and  add 
voice  features.  An  MCS  Master- 
Server  provides  call  control  for 
clients,  using  Session  Initiation 
Protocol, and  can  interface  with  a 
Avaya,  Nortel  or  Toshiba  PBX. 

This  lets  Wi-Fi  VoIP  clients  have 
the  same  dialing  plan  and  fea¬ 
tures  as  wired  PBX  phones,  and 
for  public  switched  telephone 
network  access.The  MasterServer 
also  is  used  to  administer  users 
on  the  system  and  provide  client 
authentication.  The  server  can 
interface  with  Microsoft  Active 
Directory,  Lightweight  Directory 
Access  Protocol  directory  servers 
and  RADIUS  servers  for  end-user 
authentication  and  management. 

The  next  MCS  components  are 
the  Node  Controllers, which  act  as 
gatekeepers  into  the  network.The 
Node  Controllers  attach  to  WLAN 
subnets  and  provide  authentica¬ 
tion  (based  on  802.  lx)  and  QoS 
for  voice  traffic,  and  let  Wi-Fi  VoIP 
clients  roam  among  access  points 
in  a  subnet,  or  across  subnets  (see 
graphic). 

The  Node  Controllers  perform 


Toshiba's  Wi-Fi  VoIP  blueprint 

Toshiba  is  announcing  Wi-Fi  VoIP  suite  aimed  at  enabling  PBX  networks  with  wireless  VoIP 
clients  that  can  run  converged  applications. 


A  Toshiba  Mobility  Communication  System  (MCS)  Master- 
Server  acts  as  a  SIP-based  call  control  node,  linking  the 
PBX  to  the  Wi-Fi  VoIP  clients.  The  box  also  handles  end- 
user  administration  and  authentication  management 


MCS  Node  Controllers  provide  Wi-Fi  roaming  authentication  and  QoS 
to  let  SIP-based  Wi-Fi  voice  clients  move  among  access  points  without 
disrupting  phone  conversations.  The  devices  can  attach  directly  to 
LAN  switches  that  aggregate  Wi-Fi  access  points,  or  sit  on  the  same 
VLAN  as  LAN  switches  and  access  points  in  a  certain  subnet. 
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Wi-Fi  VoIP  subnet 


Laptop 

Wi-Fi  VoIP  VLAN  subnet 


Toshiba  Wi-Fi  VoIP  clients  can 
connect  outside  lines  or 
other  phone  extensions  in 
the  office  through  a  Cisco 
gateway  attached  to  a  PBX. 
Next  year,  Toshiba  says  it  will 
integrate  cellular  roaming 
into  the  MCS  system. 


functions  similar  to  those  in 
some  WLAN  switch  products, says 
Bill  Greenlund,  a  Toshiba  market¬ 
ing  vice  president.  He  says  that 
the  Node  Controllers  do  not 
attach  directly  to  wireless  access 
points  and  are  not  used  to  man¬ 
age  access  point  configurations 
—  a  primary  function  of  most 
WLAN  switches. 


The  Node  Controllers  come 
with  dual-Gigabit  Ethernet  ports 
and  can  be  attached  directly  to  a 
LAN  switch  or  anywhere  on  the 
network  and  configured  into  a 
virtual  LAN. 

Greenlund  says  Toshiba  next 
year  plans  to  integrate  Wi-Fi-to-cel- 
lular  roaming  of  devices  that  can 
support  802.11  and  3G  technol¬ 


ogy  More  work  among  Toshiba, 
carriers  and  device  chip  makers 
will  be  required  for  that  to  hap¬ 
pen, he  adds. 

Initial  pricing  for  MCS  will  be 
about  $1,200  per  user  for  a  net¬ 
work  of  25  clients,  a  MasterServer 
and  three  Node  Controllers,  and 
softphone  clients.  MCS  products 
will  be  available  next  quarter.  ■ 


HP  to  refresh  mgmL  software 


■  BY  DENISE  DUBIE 

HP  this  week  will  unveil  more 
than  30  new  and  upgraded  man¬ 
agement  products  that  the  com¬ 
pany  says  will  further  its  recently 
aired  vision  for  utility  computing, 
dubbed  the  Adaptive  Enterprise. 

The  company  plans  to  intro¬ 
duce  the  products  at  its  Software 
Forum  in  Chicago,  where  HP 
expects  roughly  1,500  attendees. 

HP  will  announce  new  features 
for  products,  including  Network 
Node  Manager  (NNM)  Advanced 
7.0,  Internet  Services  5.0  and 
Transaction  Analyzer  2.0.  The 
company  also  will  introduce  sev¬ 
eral  smart  plug-ins,  software 
adapters  that  support  specific 
applications  and  platforms,  and 
more  than  10  report  packs,  which 
give  customers  tools  to  generate 
canned  and  customized  reports. 

Many  improvements  will  in¬ 
clude  advanced  automation  and 


intelligence  features.  That’s  in 
sync  with  HP’s  Adaptive  Enter¬ 
prise  strategy  which  entails  smart 
hardware  and  software  that  deliv¬ 
ers  IT  resources  as  end  users  and 
applications  need  them. 

The  Service  Navigator  Value 
Pack,  an  add-on  to  HP’s  Service 
Navigator  software,  is  designed  to 
help  network  managers  build  ser¬ 
vice  models  with  a  point-and- 
click  GUI,  eliminating  the  need  to 
write  code  or  XML  text  files.  The 
software  then  can  compare  infra¬ 
structure  performance  against 
defined  service-level  metrics  in 
Service  Desk  software. 

Tim  Hagn,  vice  president  of  IT 
operations  and  engineering  at 
Zurich  Life  in  Schaumburg,  Ill., 
says  while  at  HP’s  show  this  week 
he  hopes  to  learn  about  new 
automation  features  in  products 
such  as  NNM,  Service  Reporter 
and  Service  Navigator. 

“What  we  do  now  is  fairly  man¬ 


ual.  I  need  a  tool  that  will  show 
me  where  I’m  not  using  re¬ 
sources,”  Hagn  says.  To  meet  the 
demands  of  upper  management, 
he  says  he  must  prove  the  IT  infra¬ 
structure  directly  supports  busi¬ 
ness  applications,  and  he  needs 
to  ensure  IT  performance  does 
not  interrupt  service  delivery  or 
business  operations. 

Jason  Kennedy  says  by  early 
next  year  he  hopes  to  achieve  a 
service-oriented  management 
approach  across  the  130  loca¬ 
tions  he  oversees  as  systems 
management  analyst  for  Best 
Buy  Canada  in  Vancouver,  B.C. 
Kennedy  says  he  hopes  to  see 
more  ease-of-use  and  Web- 
based  administration  features  in 
the  new  version  of  NNM. 

“The  software  is  easy  to  deploy 
but  there  is  still  a  lot  of  configura¬ 
tion  involved  to  get  it  to  work 
right  for  what  you  want  it  to  do,” 
Kennedy  says.  ■ 


OpenView  evolves 

HP  is  upgrading  its  management  software.line  with  auto¬ 
mation,  intelligence  and  other  features. 


New  product 

Features 

Performance 
Insight  for 
System 
Resources 
Report  Pack 

Systems  reporting;  Web-based  performance 
management  for  Unix;  a  performance  agent  that 
supports  secure  manager  to  agent  communi¬ 
cations  and  deployment  from  HP  OpenView 
Operations  software. 

Service 

Navigator 

Value  Pack 

GUI  to  be  used  with  OpenView  Service 

Naviagtor;  automates  the  process  of  building 
service  models;  works  with  Service  Desk  4.5  to 
correlate  service  models  with  infrastructure 
performance. 

Improved  product 

Features 

Network  Node 
Manager 
Advanced  7.0 

Automated  testing  and  event  correlation;  built-in 
intelligence  engine  to  reduce  mean  time  to  repair; 
Layer  2  and  Layer  3  fault  management. 

Internet 
Services  5.0 

Test  scripts  from  tool  vendors,  such  as  Segue  and 
Mercury,  let  customers  perform  application  testing 
in  the  production  environment 

Transaction 
Analyzer  2.0 

Application  server  platform  support  for  WebSphere 
5.0  and  WebLogic  8.1;  operating  system  support  for 
Linux,  Apache,  iPlanet  on  AIX;  OS/390  support  to 
extend  transaction  analysis  to  the  mainframe. 

Your  priorities 
are  dear  now. 


Switching  to  a  converged  environment  is  a 
complicated  process.  And  you  don’t  have  time 
to  master  every  platform.  Not  with  everything 
else  on  your  plate. 


Fortunately,  NextiraOne  can  help.  With  our 
proven  expertise  in  converged 

environments,  your  migration 
becomes  much  clearer. 

And  your  job  does  too. 

At  NextiraOne,  our 
experienced  professionals 
bring  clarity  to  your  complex 
communications  networks.  Whether 
we’re  planning,  designing,  implementing,  supporting 
or  managing.  Whether  it’s  a  voice,  data  or  converged 
infrastructure.  Whether  you’re  in  the  United  States 
or  around  the  world.  No  matter  what,  we  provide 
the  expertise,  resources,  leadership  and  vendor- 
independence  that  ensure  world-class  networks. 

In  fact,  NextiraOne  is  already  working  —  adding 
clarity  —  at  almost  500,000  sites  worldwide. 


Simply  put,  whatever  we  do  and  wherever  we  go, 
clarity  follows.  So,  instead  of  spending  all  your 
time  learning  the  intricacies  of  convergence,  you 
can  trust  NextiraOne  —  and  get  back  to  the  rest 
of  your  responsibilities.  Like  getting  full  value 
out  of  your  IT  resources. 


www.NextiraOne.com 
(888)  398-0547 
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with  a  WLAN  that  could  have 
spotty  throughput,  gaping  secur¬ 
ity  holes  and  a  cumbersome  end- 
user  experience.  It  also  could  be 
a  nightmare  to  manage. 

Planning  is  key 

If  not  carefully  planned, 
WLANs  become  disproportion¬ 
ately  more  complicated  when 
deployed  as  an  enterprise  net¬ 
work  compared  with  a  depart¬ 
ment  network. 

Procedures  and  practices  that 
work  fine  for  10  access  points  fall 
apart  when  the  project  is  10 
times  larger.  “That  just  doesn’t 
scale”  is  a  constant  refrain  from 
the  network  builders  inter¬ 
viewed  for  this  story. 

Microsoft  began  to  get  a  grip 
on  scale  with  its  pilot  WLAN. 
During  the  four-month  project 
that  included  600  users  in  two 
six-story  buildings,  the  company 
uncovered  several  problems, 
from  end-user  fears  of  radio¬ 
wave  irradiation  to  potentially 
huge  delays  and  cost  caused  by 
having  to  run  power  cables  to 
each  access  point. 

Another  problem  was  network 
operations  and  maintenance. 

“We  found  that  about  [every] 
40  access  points  generated 
about  one  service  call  per  day]’ 
says  Don  Berry,  senior  network 
engineer  of  the  Operations  and 
Technology  Group  at  Microsoft. 

1 1  Working  out  an 
end-to-end  support 
model  before  you 
begin  is  very  impor¬ 
tant  11 

Don  Berry 

Senior  network  engineer, 
Operations  and  Technology 
Group,  Microsoft 


This  was  not  scalable  to  what 
we  envisioned." 

“Working  out  an  end-to-end 
support  model  before  you  begin 
is  very  important,"  he  says.  That 
means  asking,  and  answering, 
questions  such  as:  How  will  we 
service  the  unit,  and  who  will 
replace  it? 

Thinking  big  led  the  Microsoft 
engineers  to  come  up  with  inno¬ 
vative  solutions.  One  was  creat¬ 
ing,  in  effect,  its  own  power-over- 
Ethemet  technology,  before  any 
commercial  implementations 


were  available.  That  saved 
$600,000  and  shortened  the 
install  cycle  by  eight  weeks, 
Berry  says. 

But  more  importantly,  it  lets  net¬ 
work  managers 
switch  power  on 
and  off  remotely, 
causing  a  reboot  or 
reset  of  the  access 
point  without  having 
to  send  a  technician 
to  the  device. 

At  the  same  time, 

Microsoft  linked 
each  access  point  console  port 
to  a  terminal  server  in  a  cable 
room.  “We  now  have  remote 
access  to  all  console  ports,”  Berry 
says.  That  means  that  a  local 


building  facilities  technician, 
instead  of  a  network  administra¬ 
tor  from  the  data  center,  can 
install  or  replace  an  access 
point.“Then,the  standard  access- 
point  configuration  is  brought 
up  remotely  from  our  operations 
center]’  he  says. 

Designing  for  size 

To  translate  big  thoughts  into 
reality,  these  users  say,  requires  a 
wireless  architecture  —  a  set  of 
design  rules  that  allow  flexibility 
in  deployment  while  ensuring 
that  the  result  will  be  manage¬ 
able,  secure  and  scalable. 

Microsoft,  to  a  large  degree, cre¬ 
ated  its  architecture  as  it  went 
along,  partly  through  the  lessons 
learned  from  its  pilot  project.  But 
the  perspective  from  the  begin¬ 
ning  was  that  all  the  WLAN  deci¬ 
sions  had  to  work  across  thou¬ 
sands  of  access  points. 

Cisco,  now  with  3,000  wireless 
access  points  at  300  sites  in  100 
countries,  began  with  the  fixed 
idea  of  a  single  global  WLAN 
deployment. 

“We  created  a  single  support 
model,  a  single  client  Web  site 
with  all  our  generic  wireless  LAN 
information,  and  standards  for 
security  and  installation,”  says 
David  Castaneda,  member  of 
technical  staff,  with  Cisco’s 
Infrastructure  IT  group. 

Based  on  tests  and  pilots,  the 


Cisco  design  team  laid  out  an 
architecture  that  still  guides  all 
of  the  company’s  WLAN  deploy¬ 
ments.  The  architectural  rules 
included: 

•  Use  only 
802.11b  11M  bit/ 
sec  gear. 

•  Connect  no 
more  than  25  cli¬ 
ents  connecting  to 
any  one  access 
point. 

•  Authenticate 
via  a  global  system 

based  on  the  802. lx  standard  for 
port-based  authentication  and 
RADIUS  servers. 

•  Deploy  only  one  virtual  WLAN 
per  building,  so  employees  can 


move  anywhere  in  the  building 
and  maintain  their  session. 

One  of  the  most  important  fea¬ 
tures  of  the  Cisco  architecture  is 
the  processes  and  procedures, 
embodied  in  documents  and 
flow  charts  that  communicate 
these  rules  throughout  a  global 
company  and  to  the  systems 
integrators  with  whom  it  part¬ 
ners  for  deployments  outside 
the  U.S. 

“The  question  we  asked  is, 
‘How  do  we  apply  this  across 
hundreds  of  [Cisco]  sites?”’  says 
Oisin  Mac  Alasdair,  technical 


project  manager  with  Cisco 
Infrastructure  IT. 

A  global  project  management 
team  worked  closely  with  “thea¬ 
ter"  project  managers  in  various 
large  regions,  holding  weekly 
conferences.The  details  of  local 


deployments  were  left  to  local 
offices  as  long  as  they  followed 
the  blueprint.  Local  vendors 
and  suppliers  followed  the 
same  blueprint  for  equipment 
and  installation.  And  all  of  them 
had  to  meet  a  detailed,  post¬ 
installation  testing  before  the 
project  team  signed  off  on  the 
network. 

Now  a  global  operational  man¬ 
agement  team  focuses  on 
improving  the  stability  of  the 
WLAN.  A  group  responsible  for 
global  network  infrastructure 
will  oversee  future  changes, such 
as  an  upgrade  to  54M  bit/sec 
802.1  lg  radios. 

Wireless  security 

The  security  problems  of 
WLANs  can  be  summed  up  sim¬ 
ply:  It’s  like  putting  an  unattend¬ 
ed  Ethernet  jack  on  the  sidewalk 
outside  your  office. 

In  large-scale  WLANs, you  need 
multilayered  security  and  a 
mindset  that  never  takes  any¬ 
thing  for  granted,  says  Tim 
Stettheimer,  CIO  for  St.  Vincent’s 
Hospital.  The  338-bed  hospital 
has  about  170  access  points  cov¬ 
ering  its  Birmingham,  Ala.,  cam¬ 
pus  (see  www.nwfusion.com, 
DocFinder:  6345).  Among  other 
practices  at  St.Vincent’s  are: 

•  Polling  all  access  points 
every  few  minutes  to  catch  con¬ 
figuration  changes. 

•  Registering  media  access 
control  addresses  to  control  net¬ 
work  access. 

•  Scanning  radio  waves  con¬ 
stantly  for  intruders  or  unautho¬ 
rized  access  points. 

•  Confirming  wireless  users  via 
the  existing  RADIUS  authentica¬ 
tion  system. 

Flexibility  has  been  an  invalu¬ 
able  asset  for  the  network  profes¬ 
sionals’  project  at  University  of 


Maryland  Medical  Center  in  Balt¬ 
imore.  The  hospital  group  has  de¬ 
ployed  Enterasys  Networks 
access  points  and  network  inter¬ 
face  cards  (NIC),  partly  to  match 
up  with  its  Enterasys-based  wire- 
line  network.  The  initial  focus  is 


on  “care  units”  such  as  the  shock- 
trauma  unit,  cardiology  and  new 
patient-care  wings. 

“We  didn’t  think  of  going  out¬ 
side  the  care  units  into  the  hall¬ 
ways,”  says  Michael  Minear,  CIO 
for  the  healthcare  facility  “And 
they  [doctors  and  nurses]  want¬ 
ed  us  to  do  that.” 

Maryland  Medical  accommo¬ 
dated  the  unexpected  expansion 
into  more  open  areas,  including 
elevators,  in  part  because  of  a 
flexible  security  framework:  wire¬ 
less  VPN  with  128-bit  encryption 
keys,  firewalls  and  wireless  proto¬ 
col  sniffers;  and  security  software 
that  encrypts  downloaded  data 
on  PDAs  and  tablet  PCs. 

To  VPN  or  not  to  VPN 

One  of  the  most  commonly 
cited  wireless  security  solu¬ 
tions  is  using  a  VPN,  which  typi¬ 
cally  involves  a  firewall  and  a 
client  software  application.  In 
effect, you  treat  your  WLAN  as  if 
it  were  the  Internet:  an  untrust¬ 
ed  and  potentially  hostile  net¬ 
work. 

But  two  of  the  biggest  sites 
don’t  use  VPNs  for  their  WLANs. 

At  Microsoft,  a  user  powers  up 
the  laptop  and  the  wireless  NIC 
associates  with  an  uncontrolled 
port  on  an  access  point.This  port 
admits  only  RADIUS  traffic,  which 
is  directed  to  a  RADIUS  authenti¬ 
cation  server. The  server  connects 
to  a  domain  controller,  which 
issues  the  appropriate  digital  cer¬ 
tificates  that  are  part  of  Micro¬ 
soft’s  public-key  infrastructure 
(PKI).  Then,  the  access  point 
opens  the  controlled  port  to  give 
the  authenticated  client  network 
access. 

“PKI  is  a  significant  invest¬ 
ment,”  Berry  says.  “It’s  certainly 
not  for  everyone." 

Cisco  took  another  route.  The 
wireless  architects  concluded 
that  they  had  to  build  a  global 
authentication  system  —  from 
scratch  —  to  replace  three  sepa¬ 
rate  databases  based  on  Micro¬ 
soft  Windows  NT  as  the  domain 
authentication  systems. 

The  new  “triple-A"  system 
(authentication,  authorization 
and  auditing)  is  based  on 
Microsoft  Active  Directory  and 
13  Cisco  Access  Control  Servers, 
which  support  the  so-far  iron¬ 
clad  Advanced  Encryption  Sys¬ 
tem.  One  systems  administrator 
oversees  the  system,  which 
serves  about  27,000  employees 
worldwide. 

Like  Microsoft,  Cisco  was  an 
early  champion  and  adopter  of 
the  IEEE  802. lx  authentication 
standard.  Cisco  also  authored  the 

See  WLAN,  page  13 


First  of  two  parts 


The  problem:  Wireless  access  points  sometimes  flake  out,  hang 
up  or  otherwise  need  a  visit  from  a  human  being  for  servicing. 

The  big  problem:  Microsoft  discovered  that  one  service  call  per  day 
was  needed  for  one  of  about  every  40  access  points  installed  —  that 
translated  into  62  technician  visits  every  day  on  the  Redmond  campus. 


The  think-small  solution:  “Hey,  Mike.  Can  you  check  the  access 
points  in  Building  4?  Oh.  Well,  where's  Phil?” 

The  think-big  solution:  End-to-end  support  plan;  standard  access 
point  software  image;  installation  standards;  power  over  Ethernet. 

' - - -  ■ _ ) 


“That  just  doesn't  scaled 

The  problem:  Authenticating  wireless  LAN  users. 

The  big  problem:  Cisco  needed  to  authenticate  27,000  employees 
worldwide,  including  those  traveling  often  between  Cisco  sites. 

The  think-small  solution:  Maintain  a  look-up  database  of  client 
MAC  addresses;  authenticate  to  a  local  RADIUS  server  or  NT 
domain  server. 

The  think-big  solution:  Cisco  created  a  global  authentication 
system,  with  Microsoft  Active  Directory,  Advanced  Encryption 
System  and  the  IEEE  802. lx  authentication  standard. 


|  www.nwfusion.com 

News 

6/16/03 

NetworkWorld  H 

‘That  just  doesn't  scale.”_ 

The  problem:  Loading  and  managing  VPN  client  software  to  set 
up  encrypted  wireless  connections. 

The  big  problem:  McGill  University  needed  a  way  to  do  this  for 
as  many  as  24,000  students. 


The  think-small  solution:  “Did  you  try  rebooting  it?Try  it  again." 

The  think-big  solution:  McGill  worked  closely  with  security 
controller  vendor  Colubris  to  create  a  client  that  downloads  via 
the  Web,  plus  installs  and  configures  almost  automatically. 

I _ J 


WLAN 

continued  from  page  12 

Lightweight  Extensible  Access 
Protocol  (LEAP)  and  co¬ 
authored  the  Protected  Exten¬ 
sible  Authentication  Protocol 
(PEAP), which  is  gaining  ground 
as  the  protocol  of  choice  in  the 
enterprise. 

Large-scale  VPNs 

By  contrast,  McGill  University 
in  Montreal  wanted  to  avoid  the 
complexities  of  PKI  for  wireless 
security  McGill  has  200  access 
points  in  some  of  the  120  build¬ 
ings  that  form  its  downtown 
campus,  with  about  100  concur¬ 
rent  users.  The  plan  is  to  deploy 
1,000  at  all  locations.  VPNs 
offered  the  kind  of  strong 
encryption  McGill  wanted,  with¬ 
out  the  administrative  overhead 
of  digital  certificates. 

At  the  same  time,  it  was  vital  in 
a  network  this  size  that  wireless 
users  be  able  to  log  on  easily, and 
have  the  VPN  connection  just 
work.  For  this,  McGill  turned  to 


Colubris  Networks,  and  its 
CN3500  Access  Controller,  cou¬ 
pled  with  Colubris’  VPN  servers 
and  access  points.  “The  CN3500 
blocks  access  to  the  backbone 
until  the  authentication  by  our 
existing  RADIUS  server  is  done,” 
says  Gary  Bernstein,  McGill’s 
director  of  networks  and  com¬ 
munications  services. 

As  part  of  this  watchdog  func¬ 
tion,  the  controller  creates  a  sim¬ 
ple  way  to  load  the  VPN  client 

Get  more  information  online. 
DocFinder:  6354 
www.nwfusion.com 


application  on  student  laptops. 
When  new  students  arrive  and 
register,  they  get  their  network 
username  and  password.  When 
they  fire  up  the  Web  browser  on 
their  wireless  laptop  for  the  first 
time,  one  of  13  CN3500s  inter¬ 
cepts  the  request  for  a  Web  page, 
and  via  Secure  Sockets  Layer  dis¬ 
plays  a  link.  Clicking  on  the  link 
triggers  a  10-second  download  of 
the  client  code,  called  Net- 
Connect,  which  installs  almost 
automatically 

“It’s  a  very  neat  way  to  do  a 
client  distribution  without  actual¬ 


ly  [physically]  distributing  clients. 
It’s  a  bootstrap  operation,” 
Bernstein  says.  “Our  goal  was  to 
minimize  [the  need  for  calls  to] 
the  help  desk.” 

As  soon  as  the  students  authen¬ 
ticate,  they  enter  username  and 
password  in  a  screen  form,  click, 
and  the  controller  sets  up  the 
encrypted  VPN  tunnel. 

The  next  stage,  says  Francois 
Robitaille,  McGill’s  manager  of 
network  infrastructure, will  begin 
when  Colubris  blends  the  VPN 
software  into  the  controller,  and 
modifies  NetConnect  so  that 
users  will  only  have  to  enter  their 
username  and  password  once. 
Then  the  controller  can  launch 
the  VPN  session  on  behalf  of 
users  running  Windows. 

As  these  accounts  make  clear, 
thinking  big,  and  designing  big, 
are  critical  if  you  want  a  WLAN 
to  grow  beyond  a  score  or  so  of 
access  points. 

In  Part  2 ,  we  explore  manage¬ 
ment  and  operations  issues  for 
big  WLANS. 
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know  the  latest  on 
equipment  that 
connects  the  enter¬ 
prise  to  carrier 
services?  Our  Service 
Provider  page  has  the 
goods  on  it  and  the 
intriguing  new  offer¬ 
ings  from  service 
providers. 
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TODAY  1WAS  A  GOOD  DAY.  I  FOUND 

A  WHOLE  NEW  AREA  OF  WASTE  AMD 

INEFFICIENCY. 


You’ve  stretched  every  budget  and  cut  every  bit  of  fat.  Or  have  you?  SAP  solutions  give  you  real-time  visibility  of  information  across 
your  entire  enterprise,  so  you  can  plug  the  leaks  in  your  supply  chain  with  greater  accuracy,  get  products  to  market  faster,  get  more  out  of 
procurement  and  reduce  duplication.  Things  you  might  be  doing  now.  But  could  be  doing  more  effectively  with  the  right  business  solution. 
Visit  sap.com/solutions  or  call  800  880  1727  for  details. 
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r  A  Dell  PowerEdge  6650  server  running 
Linux  and  Oracle  9/  tested  faster  and  wa 
less  expensive  than  a  Sun  Fire  V480 
server  running  Oracle  9 /. 

Translation: 

Do  more.  Spend  less.  Look  very,  very  smart. 


Dell  servers  use  cost-effective,  industry-standard 
technology  such  as  Intel  Xeorf  processors. 


Dell  PowerEdge " 
rack-mounted  servers. 


Dell  J  Enterprise 

In  a  recent  Dell  test,  a  Dell/Oracle®  9//Linux  solution  running  on  an  Intel®  Xeon™  processor-based  Dell  PowerEdge™  6650  server 
was  89%  faster  and  39%  less  expensive  than  a  Sun  Fire  V480  server  running  an  Oracle  9//Sun  Solaris  solution.1  To  see  complete  test 

results,  go  to  www.dell.com/migration16. 

There's  little,  if  any  debate:  Migrating  your  Oracle  applications  from  UNIX  to  a  standards-based  solution  lowers  TCO.  The  real  questions  are  "How 
does  it  perform?,''  "How  much  will  it  lower  TCO?"  and  "Who  do  we  turn  to?"  Well,  when  you  migrate  your  Oracle  database  applications,  remember 
this:  Dell  gives  you  both  mind-bending  performance  and  unparalleled  expertise,  at  a  TCO  so  small  you'll  need  a  microscope  to  find  it.  And  the 
entire  solution  is  backed  by  enterprise  level,  24/7  service  and  support. 


Get  on  the  fast  track  to  migration.  Visit  www.dell.com/migration16  and  go  to  the  Dell  UNIX  Migration  online  calculator  for  a  free  migration  assessment. 
A  Dell  migration  solution  comes  complete  with  end-to-end  migration  services  including  baseline  assessment,  risk/migration  planning,  ROI  analysis, 
end-to-end  migration  management  and  careful,  rapid  implementation.  Call  1-866-871-9882  today  to  speak  with  a  Dell  representative.  Together, 
you  can  assess  your  individual  needs  and  then  develop  a  cost-effective  plan  for  UNIX  migration. 


Get  more  out  of  your  enterprise  for  less.  Easy  as 
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Clickwww.dell.com/migration16  Call  1-866-871-9882 

toll  free 
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In  processors  Sola- is  9 112/02  version)  Price  $53,796  twww  sun  com.  3/17/03).  3  Year  Gold  Support  For  details  and  results,  see  www  dell  com/migration 
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Wal-Mart  leading  RFID  charge 

Bar  code  successor  seen  speeding  broad  range  of  retail  operations. 


■  BY  JOHN  COX 

CHICAGO  —  Wal-Mart  last  week  got  seri¬ 
ous  about  radio  frequency  identifica¬ 
tion,  airing  plans  to  roll  out  the  technol¬ 
ogy  internally  and  coming  out  in  sup¬ 
port  of  a  retail  industry  effort  to  create  a 
global  standard  for  radio-based  product 
identifiers. 

In  a  joint  presentation  with  the  Uniform 
Code  Council  at  the  Retail 
Systems  2003  show  in  Chi¬ 
cago,  Wal-Mart  CIO  Linda 
Dillman  backed  the  council’s 
new  initiative  to  coordinate 
and  speed  up  work  on  a  stan¬ 
dard  data  structure  to  be 
used  with  RFID  technology 
The  data  structure,  dubbed 
Electronic  Product  Code,  is 
envisioned  by  proponents  as 
a  bar  code  successor  that 
retailers  could  use  to  more 
effectively  track  items  they  stock  and  sell. 

“We  believe  very  strongly  in  the  future  of 
[RFID]  "  Dillman  said,  adding  that  Wal-Mart 
plans  to  go  live  with  a  limited  RFID  rollout 
by  January  2005. 

“We ’re  still  defining  what  ‘being  live  in 
January’  means,”  she  said.  Wal-Mart  offi¬ 
cials  aren’t  sure  when  they  will  make  RFID 
support  a  mandate  for  its  suppliers,  but 
she  said:“It  will  be  a  requirement.” 

The  basics  of  fixed  RFID 

RFID  consists  of  a  tiny  microchip  and 
an  antenna, often  like  a  small,  thin  ribbon. 
These  components  can  be  put  into 
almost  any  form:  pressed  between  card¬ 
board  layers  in  a  carton,  or  layered  on  a 
piece  of  tape  or  a  label.  The  RFID  tag 
stores  a  unique  identification,  which  if 
Wal-Mart  and  others  have  their  way  will 
be  the  proposed  Electronic  Product 
Code.  RFID  scanners,  from  handheld 
units  to  stationary  tunnel-like  devices, 
transmit  a  radio  signal  to  turn  on  the  tag, 
which  sends  back  its  number.  The  code 
can  be  linked  via  lookup  databases  to 
servers  with  detailed  data  about  the  item, 
such  as  manufacturer,  lot  number  and 
expiration  date,  if  applicable. 

Unlike  bar  codes,  multiple  RFID  tags 
can  be  read  simultaneously,  without  the 
need  for  line  of  sight.  RFID  tags  also  can 
identify  individual  items  —  a  single  pair 
of  pants  as  opposed  to  a  style  of  pants, 
for  example.  And  tags  can  be  designed  to 
store  additional  data,  which  can  be 
updated. 

The  Uniform  Code  Council  last  week 
urged  retailers  to  make  creating  an  RFID- 
based  Electronic  Product  Code  a  top  pri¬ 
ority.  Already,  the  council’s  intellectual 
property  lawyers  have  reviewed  4,500 
patents  "to  ensure  we  could  bring  this 
technology  forward  in  an  open  standard," 
said  Michael  Di  Yeso,  the  council’s  COO. 


But  creating  an  RFID  infrastructure  will 
be  a  long  and  complex  process,  based  on 
field  tests  by  Wal-Mart  and  a  host  of  other 
retailers  in  the  U.S.  and  elsewhere.  Some 
hurdles  mentioned  include: 

•  Interference  from  802.11  wireless 
LANs  (WLAN). 

•  Clunky  and  pricey  scanners/readers, 
which  activate  the  tiny  chips. 

•  Costly  RFID  tags,  now  priced  at  about 
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20  to  30  cents  each. 

•  Consumer  privacy  fears  being  raised 
by  some  advocacy  groups. 

The  impact  on  enterprise  networks  is 
uncertain.  For  her  part,  Dillman  says  wor¬ 
ries  about  that  are  unfounded. 

“One  thing  we  [in  the  industry]  get  all 
hung  up  about  is  this  idea  of  ‘all  that 
extra  data,”’  she  said. “But  we’re  going  to 
start  by  [only]  identifying  the  item  [with 
the  Electronic  Product  Code  number] 
and  passing  that  on  to  the  network.Then, 
we’ll  add  more:  discrete  pieces  of  data  as 
those  make  sense  and  as  they’re  cost- 
effective.” 

Dillman  expects  RFID  to  speed  shipping 
and  receiving;  make  inventory  much  eas¬ 
ier,  faster  and  more  accurate;  and  cut  the 
huge  costs  associated  with  product 
recalls.The  RFID  tags  make  it  possible  for 
retailers  and  suppliers  to  know,  automati¬ 
cally,  what  goods  they  have  and  where 
they  are. 

Variety  of  benefits  seen 

“With  the  [Electronic  Product  Code], we 
can  distinguish  between  Carton  A  and 
Carton  B,  knowing  that  one  is  on  the  store 
floor  and  the  other  is  in  the  backroom,” 
said  Simon  Langford,  Wal-Mart ’s  manager 
of  RFID  strategy  “It  gives  us  visibility  as  to 
where  that  product  is.  Smart  applications 
will  be  able  to  direct  our  associates  to 
where  the  product  is,  so  we  can  replenish 
shelves  sooner." 

“We’re  very  interested,”  said  Ken  Watt, 
CIO  for  American  Eagle  Outfitters,  based 
in  Warrendale,  Pa.,  with  750  stores.  “With 
RFID,  we’ll  be  able  to  do  in-store  scans 
quickly,  do  spot  inventory  checks  quickly, 
and  do  loss  prevention  quickly  For  retail¬ 
ers,  speed  means  dollars.  “Reduced  labor 
hours  is  something  near  and  dear  to  our 
hearts,”  he  said. 

Sears  Logistics  Services,  a  Sears  Roe¬ 


buck  subsidiary  has  been  following  RFID 
closely  with  its  main  technology  partners, 
IBM,  Symbol  Technologies  and  Zebra 
Technologies.“We  like  the  idea,” said  John 
Atkins,  director  of  strategic  planning  and 
support  for  direct  delivery  systems.“It  s  the 
way  to  go.” 

But  he’s  got  plenty  of  questions.  What 
will  be  the  technical  standards  for  tag 
readability?  What  frequencies  will  be 
used?  How  will  radio  interfer¬ 
ence  caused  by  WLANs  be  han¬ 
dled?  How  many  tag  readers, 
especially  the  big  units  for  read¬ 
ing  entire  pallets,  are  needed  to 
ensure  redundancy?  At  what 
point  in  the  supply  chain  do 
you  incur  the  costs  of  actually 
applying  the  tag  to  a  box  or  pal¬ 
let  or  a  specific  item? 


Much  work  remains 

“We’re  still  working  through 
most  of  the  issues,”  Wal-Mart ’s  Langford 
said.  “There’s  technology  available  now 
that’s  deployable  in  some  areas.  But  the 
readers,  for  example,  are  an  issue.”  Wal- 
Mart  needs  readers  in  different  sizes  and 
shapes  for  different  locations,  and  they 
have  to  be  designed  so  that  antennas 
can’t  be  knocked  off  when  a  forklift 
backs  up  or  lifts  a  pallet  load. “We’re  ask¬ 
ing  our  [RFID  technology]  suppliers  to 
accelerate  their  development,”  he  said. 

But  there  is  the  cost  of  the  RFID  tags. 
Right  now,  the  price  of  the  basic  tag 
is  about  25  to  30  cents.  Wal-Mart  esti¬ 
mates  that  just  tagging  the  pallets  of  its 
top  100  suppliers  could  require  about  1 
billion  tags.  That  doesn’t  take  into 
account  creating  the  network  of  scan¬ 
ners,  the  servers  for  the  look-up  data¬ 
bases  and  for  product  data,  and  special¬ 
ized  software. 

That’s  why  American  Eagle  Outfitters’ 
Watt  right  now  is  studying  and  thinking, 
but  not  buying.  “The  price  per  unit  is  still 
out  of  our  ballpark,”  he  said.  ■ 

\  I  / 
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Weblogs  winding  their  way  into  business  nets 


»  BY  ADAM  GAFFIN 

BOSTON  —  With  his  budget 
and  staff  slashed,  Connecticut 
state  CIO  Rock  Regan  is  looking 
to  Weblogs  as  a  key  tool  to  keep 
his  organization  running. 

“It  is  a  critical  function  of  our 
organization.  It’s  going  to  be 
instrumental  in  our  survival,” 
Regan  said  at  the  ClickZ  Weblog 
Business  Strategies  Conference 
last  week. 


Regan  said  his  IT  staff  has 
shrunk  from  1,200  to  900  people 
in  the  past  six  months  —  and  he 
said  he  got  only  about  seven 
hours  of  sleep  last  week  as  he 
tried  to  work  with  state  legislators 
on  IT  funding  issues. 

So  suddenly,  the  ability  to  cap¬ 
ture  knowledge  about  current 
problems  and  upcoming  tech¬ 
nologies  and  distribute  it  across  a 
company  quickly  has  become 


■  BY  DENISE  PAPPALARDO 

After  five  years,  Sprint  is  leav¬ 
ing  the  Web  hosting  business. 

The  carrier  announced  last 
week  that  it  is  “winding  down”  its 
Web  hosting  business  this  year 
because  the  business  was  not 
successful  enough. 

“Sprint  had  not  been  getting 
much  traction  in  the  hosting 
market  lately”  says  Melanie 
Posey,  analyst  at  1DC.  “Given 
some  of  the  company’s  other 
challenges  in  the  core  network 
operations,  this  is  probably  a 
good  move.” 

According  to  1DC,  Sprint  had 
only  1%  to  2%  of  the  overall  Web 
hosting  market.  Although  the 
carrier  entered  the  Web  hosting 
market  in  1998  —  later  than 
many  competitors  —  it  didn’t 
win  enough  big  business. 

“They  blame  the  market,  but  a 
lot  has  to  do  with  the  way  Sprint 
went  about  marketing  its  ser- 


critical,  he  said.  Weblogs  let 
employees  jot  down  notes  and 
ideas  on  pages  available  across 
the  corporation. 

The  first  major  Weblogging 
effort  involves  the  state’s  “archi¬ 
tectural  review  board, ’’which  con¬ 
sists  of  40  people  from  nine  seg¬ 
ments  of  state  government  asked 
to  come  up  with  new  network  pri¬ 
orities.  They  are  using  Weblogs  to 
capture  and  exchange  notes  and 
information. 


“We  desperately  want  to  use 
[Weblogs]  for  project  manage¬ 
ment,”  because  the  department, 
which  serves  65  agencies,  has  so 
many  projects  that  it  could  bene¬ 
fit  from  a  shared  knowledgebase, 
he  said. 

Regan  said  Weblogs  are  proving 
vital  in  breaking  down  bureau¬ 
cratic  walls.“My  people  in  general 
don’t  communicate  well  on  pro¬ 
jects,”  he  said. 


vices  going  head-to-head  with 
IBM,  which  was  ridiculous,” 
Pbsey  says. 

Sprint  admits  its  decision  to 
exit  the  Web  hosting  business  is 
one  of  economics. 

“Gary  Forsee.our  new  CEO,  has 
been  on  board  for  90  to  100  days 
and  he’s  looking  at  everything 
through  a  microscope,”  says 
Kenny  Wyatt,  director  of  market¬ 
ing  at  the  carrier.  If  a  business  is 
not  delivering  an  anticipated 
return,  then  that  business  is  get¬ 
ting  cut,  he  says. 

While  Sprint  is  still  working  out 
the  details  of  its  exit,  the  carrier 
says  it  is  negotiating  with  a  few, 
yet-to-be  named,  third-party  Web 
hosting  providers  that  will  take 
over  Sprint  Web  hosting  cus¬ 
tomer's  service  needs. 

The  carrier  says  it  will  meet 
with  customers  before  any 
migration  occurs  to  be  sure  they 
agree  with  the  move,  or  help 
those  customers  bring  their  Web 


As  an  example,  IT  staffers  who 
focus  on  law-enforcement  and 
social-services  projects  say  they 
have  “completely  different”  issues, 
even  though  the  underlying  core 
technologies  they  use  are  the 
same,  he  said.  Weblogs  are  prov¬ 
ing  a  way  for  employees  to  realize 
what  they  have  in  common. 

He’s  using  UserLand  Software’s 
Manila  to  give  users  Weblogs. 
Longer  term,  he  said  he  needs  to 
make  sure  whatever  tools  he  uses 
can  plug  into  the  state’s  directory 
and  authentication  tools. 

Paul  Perry,  director  of  Verizon 
Communications,  said  such 
issues  are  potential  roadblocks 
to  widespread  Weblog  adoption. 
Authentication  is  “a  limiting  fac¬ 
tor  to  getting  a  community  on¬ 
board  right  awa^’  he  said.  Still, 
Perry  said  he  found  Weblogs  a 
useful  tool  to  keep  track  of  the 
intersection  of  computing  and 
communications. 

Perry  said  he  wanted  faster, 
more  technically  in-depth  infor¬ 
mation  than  he  was  getting  in 
weekly  competitive  analysis  re¬ 
ports  from  another  department 
that  consisted  mainly  of  non¬ 
technical  news  clippings,  many 
he  was  already  familiar  with.  He 
said  a  number  of  like-minded 
employees  were  already  using 
e-mail  lists  to  forward  interesting 


hosting  needs  in-house,  Wyatt 
says. 

Sprint  says  it  will  maintain 
two  of  its  13  data  centers  to  sup¬ 
port  its  internal  Web  hosting 
needs  as  well  as  very  few  select 
customers. 

Wyatt  says  most  are  govern¬ 
ment  customers  and  represent  a 
“minuscule”  number  but  are  key 
contracts  for  Sprint. 

Although  Sprint  will  not  offer 
its  own  Web  hosting  services  by 
year-end,  the  carrier  says  it  will 
resell  other  provider’s  Web  host¬ 
ing  services  to  users  going  for¬ 
ward.  But  the  carrier  had  no 
details  on  which  service  pro¬ 
viders  it  will  work  with. 

I  DC’s  Fbsey  says  most  existing 
Sprint  Web  hosting  customers 
should  stay  put  now.  It’s  in 
Sprint’s  best  interest  to  handle 
this  transition  carefully,  as  many 
of  its  Web  hosting  customers 
buy  other  services  from  the  car¬ 
rier,  she  says.  ■ 


news.  But  e-mail  has  drawbacks, 
too:  Not  everybody  is  copied  on 
every  message,  and  once  it’s 
sent,  “it’s  gone:  I  cannot  search 
everybody’s  e-mail  in-box  to  find 
out  what  was  being  talked 
about.” 

He  said  he  bought  100  licenses 
for  Traction  Software’s  enterprise 
Weblog  application.  “I  needed  to 
get  a  tool  that  I  could  fit  into  the 
workflow  of  what  everybody 
does,”  he  said,  adding  Traction’s 


■  BY  DENISE  PAPPALARDO 

AT&T  is  beefing  up  its  managed 
security  services  by  offering  users 
a  wider  variety  of  tools  to  keep 
their  network  and  traffic  safe. 

The  carrier  launched  its  Appli¬ 
cation  Firewall  Service  and  En¬ 
hanced  Managed  Intrusion  De¬ 
tection  Service  last  week  that  help 
protect  a  user’s  backbone  at  the 
network  and  application  layers. 

“They  are  the  only  traditional 
telecom  offering  such  services 
that  I’m  aware  of,” says  Matt  Kovar, 
analyst  at  consulting  firm  The 
Yankee  Group.  “MCI  teams  with 
1SS  to  offer  custom  security  ser¬ 
vices,  but  AT&T  is  the  only  one 
supporting  these  offerings  in 
house.” 

“AT&T  traditionally  hasn’t  been 
at  the  cutting  edge  from  a  security 
standpoint,” he  says.“But  in  the  last 
year  and  a  half  they  have  been  bit¬ 
ten  by  the  security  bug.  They  are 
aggressively  evaluating  next-gen¬ 
eration  technology  [AT&T]  is  a 
true  thought  leader  in  the  indus- 
try^’he  says. 

Application  Firewall  Service  is 
designed  to  prevent  “inappropri¬ 
ate  transactions” from  accessing  a 
customer’s  server.  The  Web-based 
firewall  service  is  for  AT&T  cus¬ 
tomers  that  host  servers  at  the  car¬ 
rier’s  13  Internet  Data  Centers. 

“Once  the  firewall  is  deployed.it 
goes  through  a  learning  process 
and  sets  up  a  baseline  for  the  typ¬ 
ical  traffic  patterns  for  that  cus- 
tomer,”  says  Stan  Quintana,  direc¬ 
tor  of  managed  security  services 
at  AT&T.  The  firewall  then  "flags 
anomalies”  and  “quarantines”  the 
traffic  so  customers  can  deter¬ 
mine  if  they  want  to  do  forensic 
analysis,  bounce  the  entire  trans¬ 
action  or  let  it  through,  Quintana 
says.  This  is  AT&Ts  first  security 


integration  with  email  was  key. 

Perry  said  it  took  about  four 
months  to  get  his  organization 
fully  into  blogging.  He  started 
with  the  people  who  he  knew 
were  always  sending  out  informa¬ 
tion  by  email;  he  spent  a  lot  of 
time  with  them  to  show  them 
how  to  use  the  tool.  And  he  made 
sure  to  get  his  CIO  onto  the  sys¬ 
tem  —  people  “knew  whatever 
they  were  highlighting  would 
float  up  to  the  top.”  ■ 


service  that  gets  into  content 
management  of  transactions  and 
operates  at  the  application  layer, 
he  says. 

The  service  is  limited  to  its  host¬ 
ing  customers,  but  AT&T  says  the 
offering  will  be  introduced  to 
“non-Internet  data  center  Web 
hosting  users”  by  year-end. 

The  carrier  also  launched  its 
Enhanced  Managed  Intrusion 
Detection  Service,  which  uses  a 
series  of  sensors  from  a  variety  of 
vendors  to  immediately  detect 
attacks  such  as  distributed  denial- 
of-service  and  worm  attacks. 
AT&T  already  offers  “standard” 
intrusion-detection  services  for  its 
data  customers,  but  Quintana 
says  the  standard  offering  uses 
only  one  sensor  and  might  not 
include  follow-up  action  other 
than  notification  if  an  attack  is 
discovered.  ' 

The  offering,  like  Application 
Firewall  Service,  is  linked  directly 
to  the  carrier’s  Integrated  Global 
Enterprise  Management  System 
(iGEMS)  and  its  Security  Opera¬ 
tion  Center  (SOC).  IGEMS  gives 
users  advanced  network  and 
application  monitoring  and  man¬ 
agement  support. 

The  SOC  is  staffed  with  security 
experts  who  monitor  customer 
networks  for  security  breaches, 
and  work  with  customers  to  take 
corrective  action  if  security  is 
breached. 

While  AT&Ts  current  security 
offers  focus  on  detecting  and 
thwarting  attacks,  the  carrier  says 
it  will  introduce  intrusion-preven¬ 
tion  services  by  year-end. 

Application  Firewall  Service 
and  Enhanced  Managed  Intru¬ 
sion  Detection  Service  are  avail¬ 
able  for  $3,000  to  $5,000  per 
month  in  addition  to  a  customer’s 
monthly  data  service  rates.  ■ 
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MobileAccess  melds  cellular,  WLAN  nets 

Singie  infrastructure  supports  VoIP,  wireless,  data  and  cellular  transmissions. 


■  BY  JOHN  COX 

MobileAccess  Networks  has  come  up 
with  an  offering  that  at  first  glance  seems 
counterintuitive:  You  lay  fiber-optic  and 
coaxial  cable  to  distribute  wireless  signals 
within  a  building  or  campus. 

But  upon  closer  inspection,  the  gear 
makes  a  lot  more  sense. You  install  a  single 
infrastructure  once  and  use  it  to  carry  any 
kind  of  wireless  signal:  cellular  voice  or 
data,  paging,  wireless  voice  over  IP  (VoIP) 
and  wireless  LAN  (WLAN)  traffic.  By  run¬ 
ning  the  traffic  across  fiber  and  coax,  cus¬ 
tomers  can  avoid  wireless  interference 
issues  that  crop  up,  for  example,  where 
walls  are  thick. 

The  basic  idea  has  been  around  for  sev¬ 
eral  years  to  improve  cellular  telephone  re¬ 
ception.  MobileAccess,  formerly  known  as 
Foxcom  Wireless,  has  a  global  business  in 
this  market.  But  with  new  products  intro¬ 
duced  last  week,  the  company  now  han¬ 
dles  IEEE  802. 1 1  WlAN  signals  as  well. 

The  new  product  portfolio  is  based  on  the 
company’s  original  product,  Modulite.  The 
new  MobileAccess  line  includes  a  Modular 
Base  Unit,  which  conditions  different  types 
of  cellular  traffic;  Remote  Units  that  aggre¬ 
gate  traffic  from  WLANs  and  assorted  wire¬ 
less  clients;  and  simple  ceiling-mounted  an¬ 
tennas  that  take  the  place  of  antennas 


■  StorageTek  last  week  announced 
native  Fibre  Connection  support  for 
itsT9840B  tape  drive.  The  T9840  is 
designed  for  Enterprise  Systems 
Connection  customers  who  are 
moving  to  FICON.  ESCON  connects 
mainframe  servers  to  local  storage 
and  peripherals,  and  is  limited  to 
37.3  miles.  FICON  capability  allows 
twice  the  throughput  and  10  times 
more  distance  than  ESCON.  The 
fast-access  version  with  native 
FICON  is  expected  to  be  available 
this  month  starting  at  $38,000  for 
new  customers  and  $15,000  for  con¬ 
versions  to  installed  T9840B  ESCON 
drives. 


All-in-one  wireless  system 


MobileAccess  offers  a  multipart  system  that  consolidates  cellular  and  wireless  LAN 
traffic  on  an  infrastructure  that  is  impervious  to  conditions  that  can  interfere  with 
wireless  performance. 


Carrier's 

cellular 

signal 


Building-mounted 

antenna 


Conditions  different  types 
of  cellular  traffic,  such  as 
TDMA  or  GSM,  heading  into 
or  out  of  a  building. 


MobileAccess  Modulite 
Modular  Base  Unit 


MobileAccess 
Remote  Unit 


Replace  antennas  on 
wireless  LAN  access 
points;  for  use  by  WLAN 
clients  and  other 
wireless  clients. 


Aggregates  wireless  LAN  and  other 
wireless  traffic  for  distribution  over 
a  common  wired  infrastructure. 


found  on  typical  WLAN 
access  points  and  that 
work  with  cell  phones, 
wireless  PDAs  and  other 
wireless  clients  (see 
graphic). 

MobileAccess  products 
have  been  running  since 
November  at  Rice  Mem¬ 
orial  Hospital,  which  re¬ 
placed  an  aging  portable 
phone  system. 

The  hospital  wanted  to 
let  physicians,  nurses  and 
other  staff  receive  voice 
calls,  while  using  such  fea¬ 
tures  as  conferencing, 
through  one  number  that 
could  be  routed  to  cellu¬ 
lar,  desk  or  IP  wireless 
phones,  says  Jon  Barber, 
telecommunications  coordinator  for  the 
Willmar,  Minn.,  hospital. 

Systems  integrator  Norstan  installed  one 
MobileAccess  Base  Unit  at  Rice  with 
about  10  Remote  Units  and  40  antennas. 
The  setup  distributed  cellular  and  WLAN 
signals  even  into  areas  typically  problem¬ 
atic  for  wireless  networks,  such  as  under¬ 
ground  facilities.  Linked  to  the  base  unit  is 
the  hospital’s  internal  phone  system:  a 
Mitel  PBX,  an  IP  switch,  an  Ericsson  gate¬ 


way  and  a  SpectraLink  VoIP  server.  Phone 
calls  can  be  directed  to  desktops  or  redi¬ 
rected  to  come  in  through  the  850-MHz 
cellular  signal  from  MidWest  Wireless,  a 
local  carrier. The  MobileAccess  system  dis¬ 
tributes  these  cell  calls. 

“Now  I  can  keep  control  of  the  phone 
call,”  Barber  says.  “1  can  conference  with 
others  at  the  hospital,  forward  and  transfer 
calls,  call  other  extensions.This  is  all  new’’ 

Barber  also  has  plugged  into  the  Remote 


Units  about  16  Symbol  Technologies 
802.1  lb  WLAN  access  points.These  provide 
a  medium  for  wireless  VoIP  calls  with 
SpectraLink  phones.  But  the  1 1 M  bit/sec 
WLAN  now  also  supports  notebook  com¬ 
puters  wheeled  on  carts  to  patient  bedsides 
for  a  wireless  patient  charting  application. 

Pricing  for  the  MobileAccess  gear  can 
start  at  $50,000  for  a  midsized  building  with 
a  single  wireless  service  and  reach  more 
than  $1  million.  ■ 


Nokia  supports  SSL  remote  access 


■  BY  TIM  GREENE 

Nokia  is  making  it  possible  for  customers 
to  turn  their  IP  Security  VPN  gear  into 
Secure  Sockets  Layer  remote-access  appli¬ 
ances,  offering  customers  a  flexible  way  to 
test  the  SSL  technology 

Announced  last  week,  Nokia  Secure  Ac¬ 
cess  System  can  be  ported  to  Nokia’s  IP 
350  and  IP  380  security  hardware  appli¬ 
ances  starting  in  July,  and  it  will  be  avail¬ 
able  for  other  IP  platforms  after  that.  The 
appliances  support  either  the  SSL  remote 
access  software  or  Check  Point’s  VPN-1/ 
Firewall-1  software  but  not  both. Customers 
specify  which  one  they  want  when  they 
buy  but  both  can  be  managed  via  Nokia’s 
management  platform. 

SSL  remote  access  lets  Web  browsers  on 
remote  PCs  connect  securely  with  a  server 


at  a  central  site  that  proxies  sessions  to 
servers  within  corporate  networks. 

Nokia  says  the  Secure  Access  System  in¬ 
cludes  security  features  beyond  SSL  en¬ 
cryption, such  as  a  client  integrity  scan  that 
determines  how  much  to  trust  the  PC  that 
is  connecting  and  adjusts  access  rights 
accordingly. So  if  the  Secure  Access  System 
determines  that  the  remote  machine  is 
company-issued  and  is  properly  config¬ 
ured,  the  user  gets  full  access  rights.  If  it 
determines  the  machine  is  in  an  Internet 
kiosk,  it  grants  more  limited  privileges. 

Nokia’s  device  also  keeps  SSL  sessions 
alive  longer  than  they  would  be  otherwise 
if  the  remote  user  doesn't  hit  the  keyboard 
for  a  certain  length  of  time.  It  spoofs  the 
connection  so  when  the  user  does  return, 
the  session  picks  up  where  it  left  off. 

This  type  of  feature  is  better  than  simply 


creating  SSL  sessions,  and  other  vendors 
such  as  Whale  Communications  have  simi¬ 
lar  features. 

Nokia,  generally  ranked  among  the  top 
four  IPSec  VPN  vendors  along  with  Cisco, 
Nortel  and  Check  Point,  is  the  third  to  sup¬ 
port  SSL.  Cisco  doesn’t  yet,  but  Charles 
Kolodgy  an  analyst  with  IDC,  expects  the 
company  to  do  so.  He  also  expects  other 
IPSec  VPN  vendors  to  jump  into  SSL  re¬ 
mote  access. 

“You  don’t  need  a  full-blown  VPN  if  you 
just  want  to  check  e-mails  or  look  at  a  Web 
catalog,”  he  says. 

The  Nokia  IP  350  and  IP  380  are  different 
models  of  the  same  chassis,  and  the  Secure 
Access  system  is  priced  by  number  of 
users.The  price  for  the  smallest  number  of 
licenses,  50,  is  $1 1,000,  including  the  hard- 
ware.The  largest,  500  users,  costs  $55,000.  H 


"  Two  months  ago  our  company  added 
branches  in  two  major  markets.  Sales 
soared  but  the  wide  range  of  new 
mobile  computing  platforms  created 
significant  integration  challenges. 

We're  growing,  and  that's  great.  But 
due  to  our  infrastructure  conflicts,  we 
are  not  perceived  as  good  as  we  are. 

We  need  solutions,  not  empty  sales 
pitches.  Because  we  have  to  move 
quickly,  we  want  one  venue  to  compare 
expert  opinions  and  determine  what 
would  work  best  for  our  company. 


The  Information  and  Communications  Technology  (ICT) 
Conference  and  Tradeshow  -  strictly  business  to  business. 


Jacob  K.  Javits  Center 
New  York  City 


CeBIT  America's  3-day,  enterprise  only  Conference  and 
Tradeshow  provide  direct  access  to  the  world's  systems,  applications, 
communications  and  networking  leaders,  in  one  place,  at  one  time. 

If  you're  charged  with  integrating  technologies  and  applications  to 
meet  your  organization's  business  objectives,  then  we'll  see  you  at 
CeBIT  America  -  Where  the  World  Turns  for  ICT  Solutions. 

Register  Now!  Visit  www.cebit-america.com/info21  to  register  with  priority 
code  MAR3  and  view  our  online  brochure,  or  give  us  a  call,  212-465-0531. 


Some  of  our  participating  partners:  Builder.com  •  Business  Council  for  the  United  Nations  •  CNE  News.com  •  Computerworld  •  Gartner  • 
Information  Technology  Association  of  America  •  MultiMeteor  •  Network  World  •  New  York  eComm  •  Novell  Best  >f  BrainShare  • 
Oracle  •  Tech  Corps  •  TechRepublic  •  Wall  Street  Journal  •  Wall  Street  Technology  Association  •  ZDNet 
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Bug  reporting  proposal  lacks  bite 
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Kearns 


A  couple  of  weeks  ago  the  Organization 
for  Internet  Security  released  a  pro¬ 
posed  standard  for  bug  reporting, 
called  the  Security  Vulnerability  Reporting 
and  Response  Process. 

OIS  could  more  properly  be  called  the 
Committee  for  the  Defense  of  Buggy 
Software  Vendors.  Just  check  the  member¬ 
ship  roles  —  @stake,  BindView,  Caldera 
International  (The  SCO  Group),  Found- 
stone,  Guardent,  ISS,  Microsoft,  Network 
Associates,  Oracle,  SGI  and  Symantec. 
Imagine  that,  Bill  Gates  and  Larry  Ellison 
joining  forces  to  protect  the  Internet  — 
best  check  the  weather  report  for  Hades. 

Setting  aside  for  the  moment  the  ques¬ 
tion  of  how  anyone  could  enforce  a  policy 
on  security  breach  reporting,  lets  just  ex¬ 
amine  the  proposal  on  its  merits. 

The  proposal  outlines  five  steps: 

•  Discovery  —  Someone  (called  the 
Finder)  discovers  what  they  consider  to  be 
a  security  vulnerability 
•  Notification  —  The  Finder  notifies  the 
software  vendor  and  advises  it  of  the 
potential  vulnerability  The  vendor  con¬ 
firms  that  it  has  received  the  notification. 

•  Investigation  — The  vendor  attempts  to 
verify  and  validate  the  Finders  claims, 
working  collaboratively  with  the  Finder. 

•  Resolution  —  If  the  potential  vulnera¬ 
bility  is  confirmed,  the  vendor  identifies 
where  the  flaw  resides  and  then  develops 
a  remedy  that  eliminates  or  reduces  the 
risk  of  the  vulnerability 
•  Release  —  In  a  coordinated  fashion, 
the  vendor  and  the  Finder  publicly  release 
information  about  the  vulnerability  along 
with  its  resolution. 

Read  the  report  at  www.nwfusion.com, 
DocFinder:  6338,  and  notice  how  much 
space  is  devoted  to  form  and  protocol  and 
how  little  to  keeping  networks  safe. 

Notice  that  the  public,  the  people  who 
are  vulnerable  to  the  security  flaw,  are  not 
to  be  told  about  it  until  a  patch  has  been 
developed.  No  patch,  no  public  notice  — 
but  the  security  hole  is  still  there,  just  wait¬ 
ing  to  be  exploited. 

Microsoft,  and  most  of  the  members  of 
the  group,  have  had  public  relations  disas¬ 
ters  on  one  or  more  occasions  when  mis¬ 
handling  or  ignoring  security  problems 
with  their  software.  OIS  is  a  propaganda 
mill  designed  to  keep  you  from  complain¬ 
ing  about  the  lack  of  security  in  enterprise 
software  by  giving  you  a  false  sense  of 


security  It  doesn’t  want  to  help  you  quickly 
plug  security  holes  but,  rather,  it  would  like 
to  hide  the  hole  until  it  can  develop  an 
appropriate  response. 

I  don’t  like  that.  I  want  to  know  about  the 


vulnerability  —  even  if  there  isn’t  yet  a 
patch. Knowing  the  vulnerability, I  can  work 
around  the  problem  until  it’s  fixed.  Not 
knowing  leaves  my  network  open  for 
exploitation. 


Kearns ,  a  former  network  administrator,  is 
a  freelance  writer  and  consultant  in  Silicon 
Valley  He  can  be  reached  at  wired@ 
uquill.com. 


MY  NAME  IS  TONY.  THIS  IS  MY  OFFICE 


Electronic  Labeling  Systems 


Tony  Serignese 
Information  Systems  Director 
Brother  International  Corporation 
Bridgewater,  NJ 

Uses  the  PT-2300 


In  my  office,  I  have  to  keep  everything 
running  smoothly.  From  servers  to  work¬ 
stations,  one  disruption  can  be  disastrous 
and  cost  the  company  a  lot  of  money. 

That's  why  I  use  the  P-touch®  PT-2300. 

With  P-touch  labels,  I  can  easily  identify  all  my 
servers,  workstations,  patch  panels,  cables 
and  face  plates,  making  troubleshooting  quick 
and  minimizing  downtime. 

Plus,  the  PT-2300's  portable  design  lets  me 
print  labels  virtually  anywhere.  Or,  I  can 
connect  it  to  my  PC  to  create  customized 
labels  with  my  company  logo  and  special 
datacom  symbols.  And  with  equipment  that’s 
clearly  marked,  I  can  trust  my  staff  to  get  the 


hcaLrj 


(800)622-6312 


GraybaR 

(800)825-5517 


job  done,  even  when 
I’m  out  of  the  office. 


From  LANs  to 
WANs,  Intranet 
to  Internet,  my 
P-touch  labeler  makes  every 
connection  possible. 


P-touch  systems  -  the  perfect  office  labels, 
wherever  your  office  may  be. 


QUESTIONS 

about  P-touch  industrial  products? 

Email  the  product  manager  at 
lndustrlal@brother.com 


$  NEWARK 

4 

(800)463-9275 

(847)918-3700 

P-touch®  Electronic  Labeling  Systems 
create  industrial  strength  and  standard 
adhesive-backed  laminated  labels  to 
organize  virtually  anything. 

•  Standard  Laminated  Tapes:  Bright,  easy-to- 
read  labels,  perfect  for  safety  precautions 
and  high  visibility  when  hidden  behind  cables. 
Available  in  a  variety  of  colors  and  widths. 

•  Security  Tapes:  Leave  a  checkered  pattern 
if  removed,  to  see  if  anyone  has  tampered 
with  them. 

•  Extra-Strength  Adhesive  Tapes:  Adhere  up 
to  two  times  stronger  than  standard  laminated 
tapes.  Perfect  for  textured,  coated  surfaces 
such  as  patch  panels,  computer  equipment,  etc 


Most  P-touch  systems  come  with  one  tape.  Additional  tapes  am  cvaibt/le 
purchase.  Not  all  models  accept  all  tapes.  See  packaging  fof  deta.G. 


www.brother.com  •  1-877-4PT0UCH 

@2003  Brother  International  Corporation,  Bridgewater,  NJ  •  Brother  Industries  Ltd..  Nagoya.  Japan 


SPECIAL  ADVERTISING  SECTION 


FOCUS  ON 

YOUR 

CUSTOMERS 

NOT  YOUR  TECHNOLOGY 


Information  Access  When, 

Where  and  How  You  Need  It 


You’re  at  your  customer’s  office,  and  you  know  it’s  there — the  one 


piece  of  business-critical  data  you  need,  right  now,  to  finish  the  job 
and  satisfy  your  customer.  The  fact  that  you’re  away  from  the  office 
doesn’t  negate  your  need  to  remain  productive  and  manage  your  time 
efficiently — indeed,  these  needs  are  often  heightened  while  on  the 
road.  But  the  reality  is  that  the  increasing  reliance  on  technology  to 
deliver  up-to-date  information  means  that  anytime,  virtually  anywhere 
data  access  can  make  the  difference  between  a  business  win  or  loss. 


Anytime,  virtually  anywhere  access  can 
empower  collaboration:  Communicating 
with  your  co-workers,  customers  and  part¬ 
ners  across  town  or  halfway  around  the 
world  via  audio  conferencing,  video  confer¬ 
encing  and  e-seminars  can  reduce  travel 
costs  and  increase  productivity.  Secure, 
reliable  collaboration  and  messaging  tools 
enable  your  service-oriented  business  to 
solve  problems  quickly,  shorten  decision¬ 
making  processes,  and  outshine  the  com¬ 
petition  with  better  plans  and  faster  solu¬ 
tions.  But  as  IT  infrastructure  and  networks 
evolve,  and  as  the  number  of  mobile 
employees  increases,  the  ability  to  access 
data  on  demand  in  a  secure  fashion  is  more 
critical,  yet  more  complicated  than  ever. 

Given  these  obstacles,  how  can  you 
ensure  that  your  business  stays  ahead  of 
the  curve  when  it  comes  to  secure  access 
solutions?  Talk  to  the  experts  at  Sprint. 
It’s  their  business  to  simplify  your  com¬ 
munications  and  help  you  increase  your 
company’s  productivity. 

Sprint  can  tailor  a  solution  that  works 
for  your  company.  That’s  because  Sprint 
solutions  give  your  employees  the  access 
they  need  to  be  more  effective.  With  over 


three  decades  of  experience  providing 
data  services,  Sprint  offers  a  complete 
portfolio  of  data,  voice  and  managed  net¬ 
work  solutions  that  can  give  your  business 
an  edge  with  the  tools  it  needs  to  succeed. 

Convenient,  reliable  and  secure 
remote  access.  Whether  you  are  working 
from  a  branch  office,  a  customer’s  office 
or  working  with  an  off-site  team,  your 
important  documents  and  messages  are 
at  your  fingertips.  Sprint  can  provide 
interoperability  among  ATM,  Frame 
Relay,  and  IP  VPN  networks,  enabling 
seamless  migration  to  IP-based  applica¬ 
tions.  Dedicated  and  dial  IP  solutions 
with  the  security  of  VPNs  (CPE  or  network 
based)  mean  you  are  not  without  access 
to  critical  data.  Letting  Sprint  manage 
your  network  services  can  save  time  and 
money  and  allow  your  IT  staff  to  focus  on 


delivering  applications  rather  than  worry¬ 
ing  about  the  status  of  the  network. 

Security  for  your  important  informa¬ 
tion.  When  you  lose  information,  you  can 
lose  money — maybe  even  the  customer 
relationship.  From  short-term  technical 
glitches  to  catastrophic  events,  Sprint 
Business  Continuity  Solutions  can  pro¬ 
vide  you  with  the  peace  of  mind  that  your 
information  is  safe.  Think  of  it  as  insur¬ 
ance  for  your  valuable  information 
assets.  Choose  from  e-mail  protection 
and  spam  filtering  to  full  disaster  recov¬ 
ery.  Sprint  offers  managed  hosting,  stor¬ 
age  and  backup  options  so  that  your 
business  can  survive. 

Cost-effective  collaboration  with  cus¬ 
tomers,  partners,  and  peers.  Bring  your 
employees  and  customers  together  with¬ 
out  travel  or  advance  reservations.  From 
concept  meetings  to  staff  training  and  e- 
seminars,  you  can  leverage  Sprint’s  20- 
plus  years  of  experience  in  video  and 
teleconferencing.  Your  employees  can 
audio  or  video  conference  between  most 
dissimilar  equipment,  stream  live  or 
recorded  audio  and  video  broadcasts 
and  even  use  Sprint  Instant  Messaging 
to  conduct  private,  secure,  virtual  meet- 
ings  on-the-fly,  between  desktop  users, 
PCS  phone  users  and  handheld  users=L_ 
anytime,  virtually  anywhere.  ♦> 


ADDITIONAL  RESOURCES  AND  EVENTS 
To  learn  more  about  how  Sprint  solutions  can  help  your  business  gain  ready 
access  to  key  information — when,  where  and  how  you  need  it — join  Sprint 
and  Ziff  Davis  Market  Experts  for  one  of  our  interactive  eSeminars.  Learn 
more  about  this  event  and  register  online  at  www.webseminarslive.com. 
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1  wireless  vendor  + 1  wireline  vendor  + 1  problem  =  multiple  places  to  place  blame.  That's  when  problems 
can  really  multiply.  And  that's  time  for  Sprint.  Sprint  built  its  wireline/wireless  network  from  the  ground  up. 
Designed  it  specifically  for  greater  reliability  and  security.  We  stand  behind  it.  And  our  industry-leading 
SLAs  back  it  up.  Let  us  show  you  how  end-to-end  accountability  works.  Especially  if  you  have  a  network 

that  doesn't.  It's  time  for  Sprint.  Go  to  sprintbiz.com/time,  or  call  1 866  523-3890. 


Its  time  for  the  death  of  fingerpointing 
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One  Sprint.  Many  Solutions." 


Voice/Data  PCS  Wireless  Internet  Services  E-Business  Solutions  Managed  Services 
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K  TRAFFIC:  Applying  data  compression. 


Compression  devices  show  why  smaller  is  better 


■  BY  TIM  GREENE 

One  of  the  fastest  paybacks  in  IT  comes  from  WAN 
compression. 

Put  compression  boxes  at  both  ends  of  a  link  and 
increase  throughput  without  buying  more  bandwidth. The 
result  is  that  applications  respond  faster  without  signing 
on  for  the  additional  monthly  expense  of  a  bigger  WAN 
connection. 

Take  international  specialty-packaging  company  Pactiv, 
with  U.S.  headquarters  in  Lake  Forest,  Ill.  Last  year  it  in¬ 
stalled  a  manufacturing  application  called  Manufacturing 
Pro  at  12  sites  in  Europe  that  are  connected  by  a  hub- 
and-spoke  frame  relay  network. The  new  application 
slowed  traffic  so  much  that  some  128K  bit/sec  links 
would  need  doubling  to  support  fast  enough  response 
times,  says  Matt  Haynes,  Pactiv’s  network  manager. That 
doubling  of  bandwidth  would  have  doubled  or  even 
tripled  the  price  of  some  circuits,  he  says. 

Before  buying  that  extra  bandwidth  though,  Pactiv  tried 
Expand  Networks’ Accelerator  compression  gear,  which 
shrank  traffic  enough  to  eliminate  the  need  to  pay  for  fat¬ 
ter  pipes.  Based  on  avoiding  that  additional  cost,  the 
appliances  paid  for  themselves  within  six  and  a  half 
months,  Haynes  says. 

Makers  of  specialty  compression  equipment  such  as 
Expand,  Peribit  Networks  and  ITWorx  share  a  basic  con¬ 
cept:  Their  appliances  examine  network  traffic  for  pat¬ 
terns  that  repeat  and  then  replace  them  with  shorter  pat- 
terns.These  abbreviations  reduce  the  number  of  bits  that 
cross  the  wire,  easing  congestion.  Depending  on  the  type 
of  traffic,  compression  can  reduce  it  by  more  than  95%, 
with  vendors  promising  to  cut  traffic  at  least  in  half. 

The  boxes  sit  between  WAN  routers  and  WAN  links.  If 
they  fail,  they  become  passive  and  traffic  passes  as  if  they 
were  part  of  the  wire. 


Compress  data,  save  money 

Compression  appliances  send  shorthand 
versions  of  data  so  it  takes  fewer  bits  to 
transmit,  resulting  in  wide-area  connections 
that  carry  more  data  with  less  congestion. 


•  Speed  WAN  performance. 

•  Avoid  costly  bandwidth  upgrades. 

•  Improve  performance  of  individual 
applications. 


A  slow  start 


Fewer  than  20,000 
compression  appliances 
have  been  shipped  so  far, 
but  that  will  grow  to  more 
than  225,000  by  2007. 


needed  to  try  something  else. 

He  started  to  move  Microsoft  Exchange  servers  to 
branch  offices  to  cut  down  on  e-mail  traffic,  but  before  he 
completed  that  project  he  tried  Expand  compression 
boxes.They  gave  him  900K  bit/sec  throughput  on  a  56K 
bit/sec  link,  he  says.“I  turned  off  my  Racketeers, ”  and  kept 
the  Exchange  server  located  centrally, Wolf  says. 

Richardson  has  installed  52  Expand 
boxes  and  had  a  payback  in  as  little  as 
three  months  for  a  128K  bit/sec  circuit  to 
China.  Links  still  fill  up,  and  he  has  to 
order  more  bandwidth,  but  it  is  in  64K 
bit/sec  channels  rather  than  doubling  the 
bandwidth  on  a  connection,  he  says. 


Depending  on  the  type  of  traffic,  compression 
can  reduce  it  by  more  than  95%,  with  vendors 
promising  to  cut  traffic  at  least  in  half. 


Fteribit  and  Expand  have  added  basic  traffic-shaping  to 
their  equipment,  and  traffic-shaping  specialist  Racketeer 
has  added  compression.  Experts  say  Peribit  s  and 
Expands  traffic  shaping  doesn’t  stand  up  to  Racketeer’s, 
and  Racketeer's  compression  lags  behind  Peribit’s  and 
Expand’s. 

Some  router  vendors  also  support  compression  in  their 
gear,  but  customers  report  finding  shortcomings  with  that 
architecture. 

McKee  Foods,  maker  of  Little  Debbie  snack  cakes,  con¬ 
sidered  purchasing  new  Cisco  gear  or  upgrading  its 
Nortel  gear  to  accommodate  compression  among  distrib¬ 
ution  and  production  sites,  but  decided  against  it, says  Bo 
Smith,  the  company’s  IS  group  manager. The  project 
would  have  required  software  and  hardware  modules  as 
well  as  new  routers  in  some  sites. 

"By  the  time  we  upgraded  the  routers  for  hardware  and 


•  Not  all  traffic  compresses  well. 

•  Ultimately,  increased  traffic  will 
outstrip  the  ability  to  compress. 

•  Payback  might  be  too  slow  for  small  links. 

•  Traffic  shaping  on  compression  appliances  is  still 
rudimentary. 


software,  it  would  have  been  a  wash  on  the  cost,  and  we 
would  have  been  tied  to  one  of  those  vendors,”  says  Smith, 
who  bought  Peribit  Sequence  Reducer  gear  instead.The 
Peribit  boxes  can  be  installed  at  any  site  regardless  of 
which  routers  are  used  and  can  be  moved  around  to  sup¬ 
port  the  most  congested  links.  He  says  that  boosting  band¬ 
width  would  have  cost  $5,000  more  per  month. 

Smith  never  got  around  to  evaluating  the  performance 
of  the  router  compression,  but  as  a  rule,  compression  spe¬ 
cialists  are  better  at  squeezing  more  out  of  bandwidth 
than  router  makers,  says  Peter  Firstbrook,  a  senior  re¬ 
search  analyst  with  Meta  Group.“You 
don’t  expect  as  much  compression 
out  of  [a  router]  ”  he  says. 

Firstbrook  also  says  router  com¬ 
pression  requires  a  single  vendor’s 
equipment  carrying  the  same  ver¬ 
sion  of  software  at  every  site.  If  a 
business  has  one  problem  link  with 
a  pair  of  matched  routers  at  the 
ends,  it  might  try  the  router  compression  at  little  cost  to 
see  if  it  helps,  he  says. 


SOURCE.  NETSEDGE  RESEARCH  -GROUP 


Carpe  diem 

But  users  might  be  wary  of  doing  this. 

“It’s  a  router.  It’s  so  critical  to  your  infrastructure  that 
people  are  reluctant  to  screw  with  it  once  it’s  working,” 
Firstbrook  says.  Separate  appliances  compress  without 
affecting  router  performance,  he  says. 

Some  businesses,  such  as  Richardson  Electronics  in 
LaFox,  Ill.,  turn  to  traffic-shaping  devices  to  boost  the  per¬ 
formance  of  particular  applications  across  congested 
connections.  Mainframe  applications  at  the  company’s 
hub  site  were  slowing  down, so  it  bought  Packeteer 
equipment  to  prioritize  traffic,  says  Mark  Wolf,  director  of 
IS  operations  for  Richardson.  It  worked  for  a  while,  but 
with  a  jump  in  email  traffic  with  large  attachments  he 


Compression  equality? 

Wolf  says  not  all  applications  compress 
equally  well.  ZIP  files  already  are  com¬ 
pressed,  so  they  don’t  get  much  smaller. 

The  vendors  constantly  are  updating 
their  algorithms  to  address  specific  applications. 

“Software  developers  spend  time  on  the  functionality  of 
their  application,  not  on  making  it  network-efficient,”  First¬ 
brook  says.”  [Compression  vendors]  can  look  at  a  big  app 
and  make  it  more  efficient.There  are  lots  of  little  things 
you  can  do  that  turn  into  a  big  difference.” 

Vendors  also  are  constantly  fine-tuning  other  features  of 
their  gear  to  get  more  out  of  them.  For  instance,  Expand 
started  fragmenting  large  packets  earlier  this  year  so 
short,  time-sensitive  voice-over-lP  packets  wouldn’t  get 
stuck  behind  large  packets.  And  earlier  this  month,  Peribit 
added  features  to  make  IP  Security  VPN  traffic  perform 
better  and  to  give  it  higher  priority 

According  to  Firstbrook,  compression  gear  requires  little 
management  or  maintenance  once  it’s  running.  Users  are 
more  likely  to  monitor  the  devices  to  pull  down  traffic 
statistics  they  gather  as  a  resource  for  other  projects.  He 
sets  the  monthly  management  cost  at  $175  per  box,  but 
says  that  is  probably  high. 

Initial  setup  of  the  equipment  can  be  challenging  as 
well.  Wolf  says  his  company  has  installed  52  of  the  Ex¬ 
pand  boxes  in  the  past  two  years  and  recently  installed 
one  on  a  Sprint  frame  relay  link  in  Canada.’They  say 
they’re  not  seeing  any  difference  in  performance,”  he  says, 
but  expects  that  after  some  troubleshooting  the  device 
will  perform  as  well  as  the  rest. 

The  market  is  young.  Peribit  shipped  its  first  products 
less  than  two  years  ago.  Firstbrook  predicts  that  in  three  or 
four  years,  with  demand  increasing  for  these  devices  and 
with  Moore’s  Law  driving  down  hardware  costs  and  im¬ 
proving  performance,  this  sophisticated  compression  will 
become  a  feature  on  routers  without  jeopardizing  router 
performance.  But  customer  demand  also  will  have  to 
grow  to  make  it  worthwhile  for  the  router  vendors.  With 
sales  of  less  than  $33  million  in  2002,  according  to  Nets- 
Edge  Research  Group,  the  market  for  these  appliances  is 
still  very  small. 

In  the  meantime,  Firstbrook  says,  it’s  pretty  safe  to  give 
the  equipment  a  try. 

"If  the  payback  is  less  than  a  year  and  if  they  go  out  of 
business  in  two  years,  1  don’t  care. The  box  has  already 
paid  for  itself,”  he  says.  ■ 
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Any  system  can  store  data. 


Sony  PetaSite  libraries  are  ideal  for  backup,  archiving  and  Hierarchical  Storage 
Management.  Sony  PetaBack®  and  PetaServe®  solutions  give  you  even  greater  flexibility. 


Sony  PetaSite  libraries.  The  Work  Smart  solution  for  storing  content. 
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You  need  to  store  content. 

Training  video  is  content.  Seismic  studies  are  content.  And 
so  are  CAT  scan  images,  PDF  files,  audio  clips  and 
presentations.  According  to  the  analysts,  an  avalanche  of 
content  is  about  to  land  on  top  of  your  data  center.  Are  you 
ready?  With  a  Sony  PetaSite®  data  tape  library,  you  will  be. 

Sony's  PetaSite  libraries  extend  beyond  terabytes  into 
petabytes— to  keep  abreast  of  your  growing  storage 
needs.  SAIT  PetaSite  libraries  leverage  the  world's  high¬ 
est  capacity  data  cartridge*— SAIT— to  achieve  the  highest  storage  density.  So  you 
save  precious  data  center  space.  SAIT  also  offers  the  lowest  tape  cost  per 
gigabyte.**  So  you  save  money.  Or  choose  Sony's  DTF-2  PetaSite  libraries,  which 
have  lightning-fast  loading  and  file  access.  So  you  also  save  time. 
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Get  the  same  top-quality  memory  the  server 
manufacturers  use. 


"As  the  official  factory  outlet  for  Micron  Technology's  RAM-manufacturing  facilities, 

(Crucial)  offers  near-wholesale  pricing  for  a  broad  array  of  top-quality  memory  modules. . . 
you  have  to  wonder  why  anyone  would  buy  memory  anywhere  else. " 

—  Computer  Shopper  magazine 


At  low,  factory-direct  prices.  It's  Crucial. 


When  it  comes  to  server  memory  upgrades,  the  issue  on  everyone's  mind  is  quality.  After  all, 
you're  upgrading  to  improve  productivity.  The  last  things  you  need  are  memory  failures  and 
server  downtime.  When  you  buy  from  Crucial,  you're  buying  directly  from  the  memory 
manufacturer.  Micron — just  like  the  server  manufacturers  do.  It  only  costs  less  because  you 
aren't  paying  the  middleman  mark-up  fees.  So  you  cut  costs  without  sacrificing  performance. 
Visit  The  Memory  Experts™  today,  and  save  up  to  60%  on  upgrades  for  your  Intel-based 
servers.  And  discover  why  Crucial  means  business. 
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•  Guaranteed  to  work  in  your  server  or  your  money  back  •  Same-day  shipping  on  most  orders 

•  Time-saving  Memory  Selector™  for  easy  upgrading  •  Free  shipping  (contiguous  US) 

•  Free  technical  support  from  the  best  in  the  industry 


FREE  SHIPPING* 
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Order  online: 

http://promo.crucial.com 

or  call  toll-free  1-888-363-5183 
Key  code:  Intw 
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•See  Web  site  for  details. 
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Dell  PowerConnect  GbE  switch  sails  through  battery  of 
tests 

PowerConnect  5212  attains  100%  of  maximum  theoretical  throughput 
across  a  variety  of  frame  sizes;  tests  validate  QoS,  Jumbo  Frames  and 
security . 2 

Riverstone  XGS  10-GbE  switch  pair  accelerates  to  wire- 
speed  throughput 

Low  latency  and  minimal  jitter,  coupled  with  wire-rate  throughput,  make 
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Dell  PowerConnect  GbE  switch  sails 
through  battery  of  tests 

Test  Highlights 

O  Achieves  wire-speed  throughput  for  range  of  frame  sizes  tested 
O  Distinguishes  traffic  appropriately  and  prioritizes  traffic  based  on  IEEE  802. Ip 
O  Distinguishes  traffic  and  tags  appropriately  for  transport  among  multiple  VLANs 
O  Enables  managers  to  limit  switch  access  via  RADIUS  support 
O  Reconfigures  Layer  2  Spanning  Tree  using  "Rapid"  Spanning  Tree  protocol 


Tests  conducted  by  The  Tolly  Group  recently  validate  that  Dell  Computer 
Corp.'s  PowerConnect  5212  switch  delivers  wire-speed  Gigabit  Ethernet 
throughput,  as  well  as  provides  a  number  of  advanced  functions  that 
help  position  the  device  in  network  backbones  or  in  data  centers. 

In  an  effort  to  provide  independent  validation  of  the  PowerConnect 
521 2's  features,  functions  and  performance,  Dell  Computer  commis¬ 
sioned  The  Tolly  Group  to  conduct  a  thorough  verification  of  more  than 
a  dozen  key  switch  capabilities. 

Test  results  show  that  the  Dell  PowerConnect  5212  performs  at  wire- 
speed  at  all  frame  sizes  tested  and  exhibits  a  variety  of  key  features 
essential  to  LAN  switches  including  auto-negotiation,  link  aggregation 
(802. 3ad),  VLAN  support  (802. IQ),  rapid  reconfiguration  for  Spanning 
Tree  support  (802. 1w),  and  support  for  Jumbo  (9,000-byte)  Frames. 

From  a  performance  standpoint,  The  PowerConnect  5212  achieved 
Layer  2  wire-speed  throughput  utilizing  12  ports,  verifying  that  the 
PowerConnect  performs  at  wire  rate.  Tests  verify  that  the  switch  back¬ 
plane  is  "non-blocking"  and,  thus,  will  not  become  a  bandwidth  bottle¬ 
neck  in  the  network. 

Auto-negotiation  tests  verify  that  the  PowerConnect  5212  interoperates 
with  common  10/100/1000  networking  components  and  automatically 
selects  the  optimum  speed  and  duplex  mode  supported  by  the  partner 
end  of  the  connection. 

Link  Aggregation  tests  certify  that  the  PowerConnect  5212  has  the  capability  to  forward  traffic  across  multiple  aggregated  links. 
QoS  tests  verify  that  the  PowerConnect  5212  prioritizes  traffic  according  to  the  802. Ip  Quality  of  Service  standard  utilizing  four 
traffic  queues.  VLAN  support  tests  demonstrate  that  the  PowerConnect  5212  segments  traffic  appropriately  according  to  the 
IEEE  802. IQ  protocol. 

Furthermore,  system  security  and  user  management  tests  included  management  access  authentication  via  RADIUS.  Rapid 
Reconfiguration  of  Spanning  Tree  tests  certify  that  the  PowerConnect  5212  detects  endpoints  and  forwards  traffic  utilizing  the 
Rapid  Spanning  Tree  protocol.  Jumbo  Frame  support  tests  demonstrate  that  the  PowerConnect  5212  transports  Ethernet  Jumbo 
Frames,  thus  proving  that  it  can  be  used  in  high-performance  data  backup  or  storage  networking  applications  in  conjunction  with 
Ethernet  network  interface  cards  that  support  Jumbo  Frames.  Port  Mirroring  tests  certify  that  the  PowerConnect  5212  can  be 
used  in  conjunction  with  network  analyzers,  intrusion  detection/prevention  systems,  and  other  devices  that  process  a  "mirrored" 
copy  of  the  switch  traffic. 

The  PowerConnect  5212  that  The  Tolly  Group  tested  is  a  12-port  managed  Gigabit 
Ethernet  switch  that  sells  for  $1,199  with  next  business  day  advanced  exchange 
hardware  replacement  and  lifetime  telephone  tech  support.  The  same  management 
feature  set  is  also  available  in  the  PowerConnect  5224,  which  comes  with  24  ports 
of  Gigabit  Ethernet,  next  business  day  advanced  exchange  hardware  replacement 
and  lifetime  telephone  tech  support  for  $2,199. 
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Riverstone  XGS  10-GbE  switch  pair 
accelerates  to  wire-speed  throughput 


Test  Highlights 

O  Achieves  wire-speed  performance  with  zero  packet  loss  across  all  packet  sizes  tested  at  Layer  2  and  Layer  3 

O  Demonstrates  low  latency  on  both  10-GbE  and  GbE  interfaces  at  wire  speed  at  both  Layer  2  and  Layer  3 

O  Achieves  sub-microsecond  jitter  on  10-GbE  and  GbE  interfaces  regardless  of  load  at  Layer  2  and  Layer  3 

O  Exhibits  no  performance  degradation  in  bi-directional  or  full-mesh  configurations  even  when  1,000  ACLs 
per  interface  are  active 


Tests  performed  on  a  pair  of  Riverstone  Networks,  Inc.  10-Gigabit  Ethernet 
switches  reveal  that  the  products  deliver  wire-speed  performance  with  zero 
packet  loss  even  under  real-world  operating  conditions. 

The  Tolly  Group  tested  Riverstone's  XGS  9008  and  XGS  9016  10-GbE 
switches  in  March  2003  and  found  that  the  devices  performed  at  100%  of 
the  theoretical  maximum  throughput  in  both  a  port-pairing  and  full-mesh 
configuration  using  frame  sizes  from  64  bytes  to  1518  bytes  at  Layer  2  and 
Layer  3,  including  odd-sized  frames  to  insure  the  system  was  optimized  for 
real-world  performance. 

More  importantly,  unlike  some  switch  tests  where  commonly  used  facilities 
are  disabled  to  provide  the  optimal  throughput  conditions,  Riverstone 
Networks  required  The  Tolly  Group  to  test  the  XGS  9008  and  the  XGS 
9016  with  access  control  list  (ACLs)  filters  enabled.  In  fact,  the  perform¬ 
ance  of  the  XGS  switches  remained  unaffected  even  when  1 ,000  ACLs 
per  interface  card  were  activated  in  bi-directional,  full-mesh  configurations. 
This  provides  a  test  scenario  that  parallels  real-world  conditions. 


Tests  confirmed  that  the  XGS  9008  and  XGS  9016  achieved  line-rate 
performance  with  fully  meshed  traffic  across  8x10  Gigabit  Ethernet  and  16x10  Gigabit  Ethernet  ports  respectively. 


Project  Profile 


Product  name: 

•  XGS  9008 
.  XGS  9016 

Firmware: 

1.0.0.59j 

Product  class: 

Layer  3  switch 

Testing  date: 

March  2003 

Document  number: 

203105 

For  more  information: 

http:/ /www.  Riverstonenet.  com 


Riverstone  Networks  XGS  9016 
Full-Mesh,  Zero-Loss  Throughput 
16  10-Gigabit  Ethernet  Interfaces 
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■  Layer  2  □  Layer  3  with  1,000  ACLs  active  per  port 


Moreover,  results  show  that  the  Riverstone  XGS  10-GbE  switches 
exhibited  consistently  low  latency  ranging  from  16  microseconds 
for  64-byte  frames  to  just  under  23  microseconds  for  1,518-byte 
frames.  Latency  for  9,126-byte  Jumbo  Frames  was  under  54 
microseconds.  Jitter  was  under  150  nanoseconds  for  all  frame 
sizes  tested  at  Layer  2  and  Layer  3,  except  for  the  smallest 
frame  sizes  at  64  bytes  through  129  bytes  when  jitter  burst  to 
325  nanoseconds. 

Any  10-GbE  switch  must  offer  consistency  in  performance  at 
Layer  2  and  at  Layer  3,  despite  a  range  of  frame  sizes  it 
encounters  or  the  increased  functionality  brought  on  by  enabling 
features  such  as  ACL  filters. 

Also,  the  capability  of  the  XGS 
9008  and  XGS  9016  at  handling 
Jumbo  Frames  at  wire  speed 
makes  the  devices  ideal  for 
usage  in  data  centers  as  stor¬ 
age  over  IP  begins  to  emerge. 
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Sanity  check 


If  you're  a  network  equipment  buyer,  enterprise 
network  architect  or  IT  planner,  you  no  longer 
have  to  sink  countless  hours  or  manpower  into 
validating  new  products. 


Tolly  Verified  has  done  it  for  you,  at  no  cost! 


The  IT  industry's  leading  independent  voice  for 
product  assessment  and  benchmarking,  The 
Tolly  Group,  has  built  a  rapidly  growing  online 
database  of  products  it  has  tested  for  performance 
and  feature/functionality  attributes. 


Our  Tolly  Verified  Online  Catalog  is  expanding 
daily  to  become  a  trusted  resource  for  product 
assessment.  And  the  upside  is,  it  doesn't  cost 
you  a  nickel! 

Equipment  vendors  commission  The  Tolly  Group 
to  conduct  common  function  and  performance 
tests  that  help  identify  a  product's  chief 
characteristics. 


Users  get  the  scoop  on  product  feature/ 
functionality  verification  and  vendors  have  a 
reliable  space  to  convey  product  data  in  a  fair 
and  equitable  way. 


So  check  out  Tolly  Verified  at 
http://www.tolly.com/TV/TV_home.aspx 
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Ian  in  the  know. 


And  a  customer  engaged 


He  anticipates  his 


tdtta^a  customer  for  life. 
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its'  every  need.  He  expects  the  same.  And  that's 


just  what  happened  when  William's  credit  card  company  detected  a 
suspicious  charge.  Since  his  cell  phone  is  activated  on  the  network, 


the  bank  could  get  to  him  immediately  with  a  copy  of  the 
The  charge  was  legit.  Yep,  he  was  spared  the  hassle 


transaction, 
of  his  card 


refused  in  front  of  clients  at  the  clubhouse.  At  Nortel  Networks,  we 
call  this  "the  engaged  business  model"  And  we  make  it  possible 
by  enabling  business  to  engage  their  customers  through  delivering 
critical,  time-sensitive  information  on  whatever  device  they  prefer. 
Before  they  even  know  they  need  it.  So  businesses  can  win  the 
loyalty  necessary  to  build  a  solid  revenue  base.  Leveraging  solutions 
like  contact  centers  and  application-aware  switching.  Insuring  user 
mobility  and  network  continuity.  Accelerating  productivity  while 
lowering  costs.  The  results:  customers  like  William  become  customers 
foT  life.  All  delivered  by  our  Enterprise  vision.  One  network.  A  world 
of  choice,  nortelnetworks.com/onenetwork 
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Complimentary  Event  for  Qualified  Attendees! 


JOIN  US  IN  A  CITY  NEAR  YOU! 


June  10 
June  12 
June  17 
June  19 


New  York,  NY  Crowne  Plaza  Hotel 

San  Jose,  CA  Silicon  Valley  Conference  Ctr. 

Philadelphia,  PA  Doubletree  Hotel 

Chicago,  IL  Hyatt  Regency  O'Hare 


TECHNOLOGY  TOM 


Is  your  voice  over  IP  network  in  place?  Finally  up  and  running? 
Now  the  questions  start  and  the  real  work  begins.  Are  you  on 
track  to  realize  the  power  and  profits  of  a  converged  network? 
Do  you  have  the  answers,  expertise,  and  solutions  you  need  to 
deliver  on  the  promise  of  your  deployment?  Join  us  at  the  Network 
World  Technology  Tour  Voice  Over  IP:  Maximizing  the  Impact  of 
Your  Rollout.  Learn  how  to  tackle  the  technical,  organizational 
and  accounting  requirements  that  position  you  to  meet,  indeed 
exceed,  the  "day-two"  demands  and  expectations  of  users  and 
management  alike.  At  this  watershed  event  you'll  compare 
experiences,  establish  benchmarks,  and  gain  clarity  with  colleagues 
who  -  like  you  -  bridged  the  voice/data  gap,  defined  the  future 
of  networks,  and  now  lead  the  voice  over  IP  revolution. 


Practical  intelligence  &  takeaways: 

■  Cost,  quality  and  savings  benchmarks 

■  Training  programs  for  in-house  staff 
to  support  VoIP  deployments 

■  Industry  "best  practices"  performed 
within  other  IT  organizations 

*  Key  strategies  that  capture  both 
tangible  and  intangible  ROI 

■  Tighter,  faster  integration  of  voice 
messaging  enterprisewide 

■  Comparative  evaluations  of 
leading-edge  products  and  services 


Advance  Reservation  is  Required  for  Complimentary  Attendance  REGISTER  NOW! 

Online  at  www.nwfusion.cnm/events/voip2 
or  call  1  800-643-4668 


PLATINUM  PRESENTING  SPONSORS: 


GOLD  EXHIBITING  SPONSORS: 
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This  event  is  limited  to  Network  and  IT  professionals  involved  in  the  evaluation,  purchase  and  implementation  of  voice  over  IP  products  and  services. 
Network  World  Events  reserves  the  right  to  determine  total  audience  and  profile  of  complimentary  attendees.  Paid  registration  is  also  available. 


To  sponsor  this  Network  World  event  or  if  you  are  interested  in  on-site  training  for  your  company, 
contact  Andrea  D'Amato  at  508-490-6520  or  adamato@nww.com. 
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Nortel  Networks  lands  one-two 
punch  in  Passport  8600  testing 

Test  Highlights 

O  Achieves  wire-speed  throughput  when  handling  64-byte  frames  at  Layer  2  and  Layer  3  in  full-mesh  tests 
with  64  Gigabit  Ethernet  ports 

O  Apportions  bandwidth  according  to  effective  QoS  facilities  that  drop  low-priority  packets  during 

oversubscription  periods  to  preserve  bandwidth  for  latency-sensitive  applications  such  as  voice  and  video 

Q  Provides  an  acceptable  convergence-ready  environment,  maintaining  low  latency  during  periods  of  over¬ 
subscription  through  effective  QoS 


Nortel  Networks  Ltd.  commissioned  The  Tolly  Group  to  evaluate  its  Passport  8600  Routing  Switch,  a  core  Ethernet 
routing  switch  outfitted  with  64  Gigabit  Ethernet  interfaces.  The  Passport  8600  was  subjected  to  a  battery  of  tests: 
steady-state  zero-loss  bi-directional  throughput  at  64-byte  frames  at  Layer  2  and  Layer  3;  latency  measurements; 
and  QoS  functionality.  Tests  were  performed  in  February  and  March  2003. 


Test  results  show  that  the  Passport  8600  delivered  wire-speed 
performance  at  both  Layer  2  and  Layer  3  when  tested  with  64-byte 
frames.  Further  the  Passport  8600  demonstrated  that  its  QoS 
facilities  could  tag  packets  at  the  ingress  port  and  correctly  prioritize 
lower-priority  traffic  during  periods  of  peak  oversubscription,  ensur¬ 
ing  adequate  bandwidth  for  high-priority  traffic  while  maintaining  low 
latency,  which  is  essential  for  latency-sensitive  traffic. 

These  tests  demonstrated  a  powerful  one-two  performance  punch 
for  enterprise  network  managers  to  consider  in  their  future  support 
of  converged  voice/data/video  networks.  Zero-loss  wire-speed 
device  performance  has  been  a  requisite  for  some  time  in  enter¬ 
prise-class  networks.  But  now  Nortel  Networks  has  set  the  bar 
even  higher  by  providing  zero-loss  switch  performance  with  extreme¬ 
ly  low  latency. 

For  any  user  supporting  a  converged  network,  packet  loss  is  a 
concern  with  applications  that  are  sensitive  to  delay  caused  by 
retransmissions.  The  Passport  8600  and  its  zero-loss  performance 
eliminate  any  concern  about  retransmissions.  The  presence  of 
zero  packet  loss  simplifies  the  convergence  issue  to  one  of  latency. 


Project  Profile 


On  the  latency  front,  the  latency  scores  recorded  by  The  Tolly  Group 
fall  well  below  the  150-millisecond  ceiling  for  acceptable  end-to-end 
latency  in  VoIP  applications-actually  between  10.95  microseconds  and 
just  under  40  microseconds.  The  results  demonstrate  consistent,  low  latency.  This  knowledge  is  comforting  to 
network  architects  since  it  assures  them  that  even  in  the  largest  of  environments  with  multiple  hops,  latency-sensitive 
applications  will  have  a  low  end-to-end  latency. 


Lastly,  it  is  important  to  look  beyond  the  Passport  8600's  zero-loss  wire-rate  performance.  Traditional  core  network 
switches  often  are  deployed  in  an  "active-standby"  configuration  to  provide  back  up  in  the  event  of  a  switch  outage. 
However,  such  configurations  are  ill  conceived  for  converged  network  infrastructures  that  must  support  latency- 
sensitive  voice.  Nortel  has  designed  the  Passport  8600  to  be  deployed  in  a  redundant  "active-active"  scenario  that 
provides  link,  module,  and  switch  failure  and  recovery  convergence 
between  250  milliseconds  and  910ms.  Plus  the  'active-active"  switch 
configuration  can  utilize  Nortel's  multi-path  link  aggregation  that  supplies 
an  aggregate  128-Gbps  wire-rate  backplane  capacity  and  doubles  the 
port  density  across  the  switch  pairing. 
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Come  see  us  at  CeBIT,  New  York,  June  18-20,  Booth  #3750 


Isn’t  it  time  your  Enterprise 
applications  faced  reality? 

Real  World  Traffic"  Suite:  for  the  Enterprise 


Test:  Web  Applications 

Content  Aware  Devices 
Web  Servers 


Test:  Switches 
Routers 
Networks 


Record  and  replay 
web  and  business 
application  traffic 

Extreme  load  with  real 
web  clients  &  servers 


Generate  complex  application 
traffic  without  clients  &  servers 


High  density,  super-scalable 
test  platform 


WebLOAD 


IxWeb 


Chariot 


Enterprise  Load  Appliance 


With  Ixia,  you  can  test  the  performance  limits  of 
both  sides  of  your  company’s  vital  information- 
systems  equation:  the  business  applications 
and  the  network  infrastructure. 

Your  most  promising  applications  can  only 
perform  as  well  as  the  network  that  supports 
them.  The  Ixia  Real  World  Traffic"  Suite  is  an 
integrated  enterprise  test  solution  that  combines 


advanced  Enterprise  Load  Appliances  (ELA)  with 
sophisticated  software  analysis  applications. 

The  solution  generates,  analyzes,  and  forecasts 
real  network  load  and  utilization  demands  both 
for  the  enterprise  application  and  network  itself. 
And  it’s  highly  scalable  and  easily  customized  to 
a  broad  range  of  application  and  user  demands. 


www.nwfusion.com 
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Software  eases  remote  access  mgmt 


■  BY  JOHN  FONTANA 

Expand  Beyond  has  developed  a 
mobile  remote-access  management  plat¬ 
form  that  puts  troubleshooting  and  disas¬ 
ter  recovery  capabilities  in  the  palm  of  an 
administrator’s  hand. 

In  the  coming  month,  the  company  is 
expected  to  ship  PocketAdmin  for 
Windows,  which  will  let  administrators 
carry  out  processes  such  as  assigning 
user  rights  and  rebooting  servers  from 


■  BY  JENNIFER  MEARS 


Gold’s  Gym  was  having  PC  support 
issues.  The  fitness  chain  uses  thin  client 


■  Enterprise  Java  applications  will  be 
able  to  run  directly  on  Palm  Tungs¬ 
ten  handhelds  now  that  Palm  has 
licensed  IBM’s  WebSphere  Micro 
Environment  Java  run-time  environ¬ 
ment.  Palm  will  offer  WME  on  all  its 
Tungsten  devices.  The  run-time  envi¬ 
ronment,  an  implementation  of  Java  2 
Micro  Edition  that  takes  up  about 
600K  to  700K  bytes  of  memory,  might 
be  extended  later  to  Palm's  con¬ 
sumer-focused  Zire  hardware  line, 
Palm  says.  Applications  written  with 
any  Java  development  tool  will  be 
able  to  run  on  the  Tungstens  through 
WME,  but  IBM's  WebSphere  Studio 
Device  Developer  will  be  optimized 
for  creating  Palm-based  Java  appli¬ 
cations,  the  companies  say.  Palm 
also  will  offer  a  free  development  tool 
kit  that  will  work  with  WebSphere 
Studio  Device  Developer.  WME  will 
become  available  as  a  download  for 
Tungsten  users  in  September  and 
probably  will  ship  with  new  Tungsten 
devices  starting  early  next  year. 


Palm  OS  or  Microsoft  Pocket  PC  devices. 
The  software, which  also  runs  from  a  wire¬ 
less-enabled  laptop,  works  in  real  time  on 
Windows  2000  and  2003  servers  and 
Windows  2000  and  XP  desktops. 

“Today,  remote  [management]  access  is 
not  a  problem  that  has  to  be  solved,”  says 
Corey  Ferengul,  an  analyst  with  Meta 
Group.“But  over  time  as  companies  distrib¬ 
ute  their  infrastructure  and  look  to  reduce 
costs,  mobile  remote  access  becomes  a 
real  option.”  Ferengul  says  companies  that 


architecture  for  its  enterprise  applica¬ 
tions,  but  when  it  brings  new  franchises 
online  problems  sometimes  arise. 

Franchise  users  can  hook  into  thin 
client  applications  via  their  PCs,  but  they 
also  retain  standard  PC  features,  and  this 
meant  support  problems,  says  Jeff  Skeen, 
CIO  for  Gold’s  Gym  in  Falls  Church, Va. 

“Say  the  operating  system  goes  down  or 
say  an  employee  puts  a  game  on  the  PC 
that  has  a  virus  on  it:  It  ends  up  crashing 
the  entire  system,”  Skeen  says. 

As  a  result,  Gold’s  Gym  is  looking  at 
using  a  product  announced  last  week 
from  thin  client  vendor  Wyse  Tech¬ 
nologies  that  is  aimed  at  providing 
greater  control  over  how  PCs  are  used. 
The  product,  called  Alcatraz,  lets  users 
turn  PCs  into  thin  clients  and  gives  them 
a  centralized  way  to  manage  those  PCs, 
says  David  Rand,  director  of  corporate 
communications  for  Wyse. 

“The  IT  department  can  give  users  any 
level  of  power  and  freedom  they  need  to 
get  their  jobs  done  and  can  also  take 
away  all  the  other  rights  and  freedoms 
they  don’t  need,”  Rand  says.“It’s  like  sitting 
at  a  control  board, giving  and  taking  away 
rights  and  freedoms.” 

The  software  provides  a  sliding  scale  of 
settings  that  can  be  turned  on  and  off 
based  on  user  or  department,  for  exam¬ 
ple.  A  user  could  have  full  PC  features,  or 
the  PC  could  be  turned  into  a  traditional 
thin  client  or  “dumb”  terminal.  In  be¬ 
tween,  customers  could  restrict  access  to 
browsers,  peripherals,  storage  devices  or 
Windows  settings,  Rand  says. 

Skeen,  who  already  uses  thin  client 
See  Wyse,  page  28 


have  servers  in  locations  where  they  don’t 
have  administrators  immediately  see  the 
value  of  such  tools. 

IDC  says  the  market  for  mobile  manage¬ 
ment  software  is  still  too  small  to  mea¬ 
sure,  so  companies  such  as  Expand 
Beyond  and  its  competitors,  including 
Allen  Systems  Group  and  Sessionware, 
have  a  lot  of  work  left  to  convince  com¬ 
panies  that  mobile  technology  is  a  strate¬ 
gic  investment. 

“We  think  this  kind  of  technology  —  in 
general  mobile  enablement  —  will 
increase  as  the  economy  improves,”  says 
Carl  Olofson.an  analyst  with  IDC. 

With  PocketAdmin  for  Windows,  adminis¬ 
trators  can  manage,  monitor  and  trouble¬ 
shoot  Windows  systems  over  a  wireless 
connection. 

Expand  Beyond,  which  has  similar  soft¬ 
ware  for  SQL  Server,  Oracle  and  IBM’s  DB2 
databases,  has  integrated  PocketAdmin  for 
Windows  with  Active  Directory  so  adminis¬ 
trators  can  manage  objects  such  as  com¬ 
puters  and  users  listed  in  the  directory 
Users  and  groups  can  be  added  and 
deleted  from  the  mobile  interface,  and 
administrators  can  manage  network  file 
shares  and  print  queues. 

Also,  PocketAdmin  for  Windows  uses 
security  and  logon  services  provided  by 
the  directory  so  there  is  no  need  to  recre¬ 
ate  those  services  in  the  Expand  Beyond 
wireless  environment.  The  software  also 
integrates  with  authentication  technology 
from  RSA  Security  Delegated  administra¬ 
tion  of  services  and  desktops,  which  is  set 
up  through  the  directory,  also  extends  to 
PocketAdmin  for  Windows. 

Users  also  can  administer  certain  aspects 
of  Exchange  Server,  including  restarting  a 
server,  modifying  user  accounts  and  moni¬ 
toring  events.  Administrators  can  access 
event  logs  to  monitor  and  troubleshoot  net¬ 
work  problems,  and  manage  processes, 
including  the  ability  to  kill  processes  that 
might  be  hung  up. 

Transmission  of  data  is  over  Secure 
Sockets  Layer,  and  PocketAdmin  for 
Windows  can  be  integrated  with  VPN 
technology. 

“Typically  an  organization  with  mission- 
critical  systems  measures  downtime  in 
thousands  of  dollars  per  minute,”  says 
Derek  Ferguson,  chief  technology  evange¬ 
list  for  Expand  Beyond. “If  we  can  cut  the 
turnaround  time  for  solving  problems 
then  it  represents  thousands  of  dollars  in 
savings.” 

FbcketAdmin  for  Windows  ships  with  a 


Wyse  bulks  up  desktop 
management  package 


Management  by  handheld 

Expand  Beyond  uses  a  four-tiered 
system  to  let  corporate  adminis¬ 
trators  with  handheld  devices 
manage  Windows  servers  and 
desktops  in  real  time. 


l  Administrator  fires  up 
PocketAdmin  for  Windows 
software  on  handheld  to 
shut  down  process  that  is 
hung  up  on  server. 


Firewall 


2  Connection  is  made 
through  wireless  service 
provider  and  Internet  to 
Expand  Beyond  application 
server  sitting  in  corporate 
network.  The  server 
manages  the  connection 
and  formats  the  data  for 
the  device-size  screen. 


Expand  Beyond 
application  server 


3  .Net  Gateway  provides 
layer  of  security  in  that 
application  server  only  can 
talk  to  the  gateway  and  no 
other  network  device. 


.Net  Gateway 


4  Gateway  brokers  commu¬ 
nication  between  server 
and  handheld  as  adminis¬ 
trator  troubleshoots 
server  in  real-time. 


Windows  Server  2003 


graphical  user  interface,  and  includes  the 
option  of  adding  a  command-line  inter¬ 
face  overVTIOO  terminal  emulation  using 
Secure  Shell  or  Telnet. 

The  FbcketAdmin  for  Windows  environ¬ 
ment  is  a  four-tier  architecture,  including 
the  Expand  Beyond  Application  Serve 
which  runs  on  Windows,  Sun  Solaris  and 
Red  Hat  Linux,  and  the  Expand  Beyond 
.Net  gateway,  which  provides  a  layer  of  < 
work  access  security 

Pricing  for  FbcketAdmin  is  $2,500  to  I" 
servers  and  unlimited  end  users.  ■ 


IBM  Tola  I  Storage 
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Manages  storage  resources  to  meet  changing  demand.  On  demand. 


.64  a*  9s*  fr* 


The  human  body  has  an  amazing  capacity  to  adapt  to  shifting 
demands.  So  do  IBM  TotalStorage  products.The  IBM  TotalStorage 
Virtualization  Family  manages  your  individual  storage  resources 
as  one  common  virtual  pool.  It  can  then  allocate  storage  to  your 
servers,  helping  to  improve  availability  and  utilization.  On  demand. 
Helping  to  lower  your  costs. 

TotalStorage:  storage  for  on  demand  business. 

Can  you  see  it?  See  it  at  ibm.com/totalstorage/ondemand 
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On  June  6, a  federal  appeals  court  in 
Washington,  D.C.  decided  to  let  the 
FCC  require  that  cell  phone  carriers 
let  customers  keep  their  phone  numbers 
when  switching  providers. This  means  that 
cell  phone  customers  will  soon  have  about 
the  same  rights  to  keep  their  numbers  as 
people  with  wired  phones  have  had  for  a 
few  years,  and  operators  of  “800”  lines  have 
had  for  10  years.  Basically  they  will  have  the 
right  to  treat  their  phone  number  as  if  it 
was  not  a  number. 

The  court’s  decision  (see  www.nwfu 
sion.com,  DocFinder:  6330)  hinged  on  a 
legal  technicality  and  the  definition  of  the 


Non-numeric  numbers 


word  “necessaiyf  and  could,  in  theory,  still 
be  appealed.  It  also  is  possible  that  Con¬ 
gress  could  be  persuaded,  by  dint  of  argu¬ 
ment  or  donation,  to  overturn  the  decision. 
But  as  of  now  it  looks  like  the  FCC  will  con¬ 
tinue  to  push  for  an  end  of  November 
implementation  date. 

The  ability  to  keep  a  phone  number 
while  changing  providers  is  called  number 
portability.  See  IETF  RFC  3482  (DocFinder: 
6331)  for  an  explanation  on  how  tele 
phone  number  portability  works. 

Phone  companies  include  a  number 
portability  fee  on  your  phone  bill  (mine 
was  23  cents  last  month)  even  though  you 
may  not  be  taking  advantage  of  it.  It  should 
be  noted  that  the  ultimate  types  of  number 
portability  keeping  the  same  phone  num¬ 
ber  when  changing  from  wired  to  wireless 
or  when  moving  across  country  are  not 
included  in  the  current  FCC  plans. 

Once  upon  a  time  there  was  real  struc¬ 


ture  in  all  of  a  phone  number.  You  could 
tell  the  country  region  of  a  country  city  and 
sometimes,  part  of  a  city  by  parsing  the 
number. This  was  because  the  number  was 
used  to  route  the  phone  call.  But  number 
portability  removes  most  of  that  structure. 
You  can  still  determine  the  country  and, for 
now,  the  region.  But  the  number  is  no 
longer  used  to  actually  route  the  phone 
call.  The  number  you  dial  (funny  that  it’s 
still  called  “dialing”)  is  looked  up  in  a  data¬ 
base  to  get  another  number  that  is  used  to 
actually  route  the  call.The  number  you  dial 
is  no  longer  a  number.  It  is  actually  func¬ 
tioning  as  a  name  and  is  looked  up, just  like 
you  would  look  up  a  name  in  a  phone 
book,  to  get  the  real  routing  number. 

Another  place  that  the  number-as-name 
change  can  be  seen  is  in  the  IETF“enum” 
protocol  (DocFinder:  6332). 

With  enum.a  phone  number  is  looked  up 
in  the  domain  name  system,  just  like 


www.nwfusion.com ) 


nww.com,  to  get  contact  information.  Not 
just  phone  contact  information,  but  poten¬ 
tially  Web  page, postal  and  email  addresses 
and  voice  mail.  Some  people  have  privacy 
concerns  with  enum  and  the  Center  f 
or  Democracy  and  Technology  has  put 
together  a  white  paper  on  the  issues 
(DocFinder:  6333).  I’m  not  sure  I  buy  some 
of  the  worry,  considering  the  ability  of 
Google  to  find  information  based  on  phone 
numbers,  but  it  is  a  good  debate. 

Now  the  real  question  arises:  Now  that 
your  phone  number  can  be  a  name, do  you 
want  it  to  be  your  name? 

Disclaimer:  Harvard  would  not  have  the 
same  punch  if  it  were  known  as  1  617  495 
1000, but  the  university  has  not  expressed  a 
view  as  far  as  I  know. 

Bradner  is  a  consultant  with  Harvard 
University's  University  Information  Systems. 
He  can  be  reached  at  sob@sobco.  com. 


IBM  adds  database  support  to  Risk  Manager 


■  BY  PAUL  ROBERTS 

IBM  is  expanding  its  Tivoli  Risk  Manager 
security  management  product  to  manage 
security  events  from  a  number  of  common 
enterprise  databases. 

Announced  last  week,  IBM  says  its  Risk 
Manager  software  now  can  manage  secu¬ 
rity  events  from  IBM  DB2  Universal 
Database,  Oracle  Database  by  Oracle  and 
Microsoft’s  SQL  Server.  The  product  can 
correlate  database  security  events  with 
events  being  logged  by  other  devices  on 
a  network  such  as  Web  servers,  firewalls 
and  intrusion-detection  systems  (IDS). 


Wyse 

continued  from  page  25 

management  software  from  Wyse,  says  he 
likes  the  idea  of  Alcatraz  because  it  would 
enable  greater  control  of  franchisee  sys¬ 
tems,  without  having  to  ask  them  to  scrap 
existing  hardware. 

Alcatraz  will  “basically  dumbify  the  PC 
so  there  is  nothing  they  can  do  with  it 
other  than  what  we  want  them  to  do  with 
it,"  he  says. 

Skeen  also  says  he  is  looking  at  the 
recently  released  update  to  Wyse's  thin 
client  management  software,  Rapport. 
Rapport  4.0  increases  the  number  of 
remote  clients  that  can  be  managed  from 
one  management  platform.  The  software 
also  includes  an  easier  to  use  management 
interface,  Rand  says,  and  lets  IT  managers 
update  thin  clients  more  quickly. 

Wyse  competes  with  other  client  man¬ 
agement  software  vendors  including 
Altiris,  NCD  and  Neoware,  Rand  says. 

Alcatraz  and  Rapport  run  Windows 
server  operating  systems.  Alcatraz  supports 
all  Windows  PC  operating  systems  while 
Rapport  supports  all  Wyse  thin  clients  as 


Using  Risk  Manager,  complex  network 
attacks  involving  multiple  devices  can 
be  boiled  down  from  thousands  of  relat¬ 
ed  events  to  a  small  number  of  incidents 
that  administrators  could  respond  to, 
IBM  says. 

Risk  Manager’s  database  support  will 
complement  the  work  of  other  Tivoli  data¬ 
base  monitoring  products  such  as  IBM 
Tivoli  Monitoring  for  Databases,  according 
to  IBM.  That  product  tracks  database  per¬ 
formance  and  resource  allocation,  auto¬ 
matically  alerting  database  administrators 
when  problems  arise. 

The  announcement  extends  IBM’s  ongo- 


II  It's  like  sitting  at  a 
control  board,  giving  and 
taking  away  rights  and 
freedoms.  11 

David  Rand 

Director  of  corporate  communications, 
Wyse 


well  as  Windows  NT  and  2000  servers. 

David  Fried  lander,  an  analyst  at  Forrester 
Research,  says  Alcatraz  likely  will  be  of 
greatest  interest  to  customers  already 
using  Wyse  products.  “Much  of  [the  mar¬ 
ket]  will  be  their  existing  customers  who 
until  now  have  either  been  using  a  manu¬ 
al  process  to  convert  PCs  or  have  been 
buying  terminals.  The  danger  is  they  may 
undercut  some  of  their  own  terminal  sales 
by  helping  users  repurpose  PCs." 

Alcatraz  is  priced  starting  at  $79  per  seat 
and  Rapport  comes  bundled  with  Wyse's 
Winterm  thin  client  products  ■ 


ing  effort  to  automate  common  network 
tasks  such  as  updating  passwords,  chang¬ 
ing  device  configurations  and  responding 
to  security  events. 

High-risk  database  activity, such  as  delet¬ 
ing  data,  would  result  in  an  alert  being 
issued  and  the  offending  user’s  informa¬ 
tion  being  displayed  on  to  the  Risk 
Manager  security  dashboard  for  review 
by  administrators. 

Package  delivery  giant  United  Parcel 
Service  (UPS)  is  evaluating  the  Risk 
Manager  product  for  its  ability  to  correlate 
IDS  output,  but  the  additional  support  for 
database  output  would  be  “nice  to  have,” 
according  to  Glen  Barry  director  of  enter¬ 
prise  systems  management  at  UPS  in 
Mahwah,  N.J. 

“Our  environment  has  multiple  databases 
—  DB2,  Oracle  and  SQL  —  so  a  product 
that  has  more  breadth  has  more  value. This 
announcement  is  definitely  of  interest  to 
us,”  he  says. 

While  Barry  was  not  familiar  with  the 
details  of  IBM’s  announcement,  he  says  that 
UPS  uses  a  variety  of  Tivoli  products  such 
as  its  configuration  manager  and  monitor¬ 
ing  components.  UPS  also  is  converting 
from  Tivoli  User  Administration  to  Tivoli 
Identity  Manager,  he  says. 

UPS  is  looking  to  use  Risk  Manager  to 
replace  its  current  system  of  outsourcing 
event  management  to  a  third  party 


In  addition  to  managing  the  world’s 
largest  DB2  database,  UPS’s  network  con¬ 
sists  of  14  mainframe  computers,  2,400 
midrange  servers  and  more  than  240,000 
PCs,  Barry  says. 

While  the  company  hadn’t  considered 
database  event  management  before  agree 
ing  to  try  Risk  Manager,  the  addition  of  sup¬ 
port  for  the  three  main  databases  that  UPS 
manages  on  its  network  sweetens  the  deal, 
Barry  says. 

“We’re  seeing  IBM  continue  to  put  con¬ 
siderable  resources  and  attention  into  hav¬ 
ing  a  product  that  can  solve  problems  that 
enterprises  have  today’  says  Gerry  Gebel, 
analyst  at  Burton  Group. 

While  corporate  planners  have  tradition¬ 
ally  focused  on  perimeter  security  they  are 
increasingly  turning  to  the  problem  of 
securing  resources  within  the  firewall  and 
applying  the  same  perimeter  security  tech¬ 
nology  to  securing  data  where  it  is  stored, 
Gebel  says. 

While  the  market  for  products  that  can  do 
event  correlation  for  databases  is  still  rela¬ 
tively  small,  increased  pressure  on  organi¬ 
zations  from  new  federal  and  state  regula¬ 
tions  governing  data  protection  is  likely  to 
increase  the  market  for  such  products  in 
the  future,  he  says. 

Roberts  is  a  correspondent  with  the  IDG 
News  Service's  Boston  bureau. 
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Now  you  can  know 
who  made  the  change 
in  addition  to  what, 
when,  where,  and 
how  data  change 
has  occurred. 


Tripwire®  assures  the  integrity  of  your  data 
and  gives  you  the  ability  to  immediately  detect 
and  pinpoint  undesired  change  across  all  your 
servers  and  network  devices.  By  establishing 
a  baseline  of  data  in  its  known  good  state, 
Tripwire  software  monitors  and  reports  any 
changes  to  that  baseline  and  enables  rapid 
discovery  and  recovery  when  an  undesired 
change  occurs.  Thus  ensuring  the  stability  of 
your  information  services. 

Maximize  System  Uptime 
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Increase  IT  Staff  Productivity 
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Failsafe  Foundation  for  Data  Security 

■  Ensure  the  integrity  of  your  data 

■  Enable  detailed  audit  reporting 

■  Maintain  granular  visibility  and  control 


Tripwire’s  Integrity  Assurance  solutions  are 
the  only  way  to  have  100%  confidence  that 
your  systems  remain  uncompromised.  In  the 
event  of  a  change  in  state,  you  will  know  who 
made  the  change  and  exactly  what,  when, 
where,  and  how  change  has  occurred  so 
you  can  recover  quickly. 

For  a  FREE  30-day  fuliy-functional  demo 
and  copy  of  the  white  paper  “What’s  Good 
for  Operations  is  Good  for  Security”, 
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Real  security  means 
having  all  the  right  tools. 

Right  when  you  need  them. 


XSR  Security  Routers 

All-in-one  VPN,  firewall,  IDS  and  WAN  router  for  your  remote  offices. 


Survival  for  today’s  global  enterprises 
means  having  the  tools  to  control  network 
connectivity  to  your  remote  offices,  quickly 
and  securely,  especially  with  so  many  new 
threats  out  there.  That’s  Enterasys’  XSR 
Security  Router. 

Designed  for  the  enterprise  branch  and 
regional  office,  XSR  Security  Routers 
integrate  WAN  routing  and  comprehensive 
security  functions,  including  VPN,  stateful 
inspection  firewalling  and  intrusion 
detection — all  in  a  single,  high-performance, 
easy-to-manage  device. 

With  comprehensive  security,  familiar 
management  features  and  breakthrough 
price-performance,  the  XSR  sets  a  new 


standard  for  quality  and  value.  You  will 
lower  the  cost  of  ownership  and  simplify 
network  operations. 

Look  for  the  XSR  Security  Router  to  be  a 
key  solution  when  building  a  Business-Driven 
Network ™  across  your  entire  enterprise. 

For  more  information — including  a  FREE 
Tolly  Report  on  the  XSR — visit  us  on  the 
web  at  enterasys.com/xsr 
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C&W  customers  wait  to  learn  their  fate 


■  BY  DENISE  PAPPALARDO  AND 
JENNIFER  MEARS 

The  recent  announcement  by  Cable  & 
Wireless  that  it  is  ditching  its  unprofitable 
U.S.  business  has  the  company’s  5,000 
domestic  customers  wondering  what  the 
fallout  will  be  for  their  organizations. 

The  move  by  C&W  comes  after  months  of 
assertions  by  the  company  that  it  was  not 
leaving  the  U.S.  market,  but  only  restructur¬ 
ing  its  business  to  focus  on  customers  with 
multinational  data  needs.  But  that  plan  was 
drafted  under  a  different  management 
team. The  carrier’s  current  chairman,  CEO, 
COO  and  several  board  members  have  all 
joined  since  January 

At  least  one  C&W  Web  hosting  customer 
is  not  rushing  to  find  another  provider. 

“We  will  wait  and  see,”  says  Phil  Gibson, 
vice  president  of  Web  business  and  sales 
automation  at  National  Semiconductor  in 
Santa  Clara. “Obviously  they  could  sell  this 


business  to  another  provider.  Worst  case, 
they  could  shut  it  down,  but  that  is  a  re¬ 
mote  possibility’ 

Gibson  says  National  has  reviewed  its  in¬ 
frastructure  services  for  about  nine 
months, since  rumors  started  about  the  car¬ 
rier  leaving  the  U.S.  market. 

“We  continue  to  look  at  the  competitive 
providers  to  see  if  they  can  offer  a  better 
cost-performance  alternative  to  our  U.S. 
hosting,”  he  says. 

Although  C&W  says  it  is  exploring  all 
options,  it  is  likely  that  the  service  provider 
will  sell  its  customer  contracts  and  shut 
down  data  centers,  and  maybe  even  its  net¬ 
work,  says  Brownlee  Thomas,  analyst  at 
Giga  Information  Group. 

The  carrier  owns  a  national  IP  backbone 
and  operates  about  15  Web  hosting  data 
centers.  C&W  offers  Internet  access,  man¬ 
aged  IP  VPN,  collocation,  managed  Web 
hosting  and  content  management  services. 

“The  other  option  includes  Chapter  7 


liquidation,”  Thomas  says.  Chapter  11  isn’t 
an  alternative  because  C&W  does  not  have 
any  debt  that  it  needs  to  restructure,  but  it 
could  choose  to  liquidate  its  assets  if  it 
does  not  get  a  good  offer  from  a  buyer,  she 
says.  C&W  has  cash,  but  has  been  using 
much  of  that  to  support  its  U.S.  business. 

Other  analysts  expressed  their  disap¬ 
pointment  in  the  carrier’s  actions. 

“It  has  just  been  a  horrible  mess  in  how 
they’ve  dealt  with  customers,”  says  Andy 
Schroepfer,  president  of  Tier  1  Research. 
“The  same  company  that  a  year  ago  was 
spending  advertising  dollars  saying,  ‘We’re 
the  most  financially  stable . .  .we’re  going  to 
be  with  you  for  the  long  haul,’  it’s  just  ridicu¬ 
lous  now  to  have  them  come  back  with 
just  the  complete  absolute  opposite  state¬ 
ment.  I  can’t  criticize  Cable  &  Wireless 
enough  for  how  badly  they’ve  done  this.  At 
the  same  time  I  can’t  compliment  the  new 
CEO  enough  for  making  what  is  a  perfect 
business  decision  to  get  out  of  the  U.S.”  ■ 


Where  it  started 

C&W  is  giving  up  on  the  U.S.  market. 

July  1998:  Goes  from  virtual  unknown 
to  top-five  provider  with  $1.7  billion 
purchase  of  MCl’s  IP  backbone. 

May  2001:  Buys  CDN  service  provider 
Digital  Island  for  $340  million. 

November  2001:  Acquires  Exodus 
assets  for  $850  million. 

May  2002:  Begins  ditching  U.S.-only 
voice  and  data  customers. 

November  2002:  Announces  a  major 
restructuring,  slashes  3,500  jobs. 

January  2003:  CEO  Graham  Wallace 
to  leave  once  replacement  found. 

April  2003:  Francesco  Caio  named  CEO. 

June  2003:  Company  announces  it  is 

completely  exiting  U.S.  markets. 
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Alcatel  acquisition  debuts  with  edge  routers 


■  BY  JIM  DUFFY 


Start-up  TiMetra  Networks  has  at  long  last 
revealed  the  reasons  why  Alcatel  acquired 


■  Equant  has  signed  a  $6.7  million 
contract  with  Sea  Containers  to 
provide  the  multinational  company 
with  its  fully  managed  IP  VPN  service 
over  the  next  five  years.  Sea  Con¬ 
tainers  is  using  Equant’s  network  to 
connect  10,000  employees  at  50  sites 
in  25  countries. 

■  Wave7  Optics  last  week  announced 
that  its  fiber-optics  network  system 
has  attained  Rural  Utilities  Service 

certification.  RUS  provides  rural  utility 
companies  with  low-interest  financing 
for  the  purchase  of  telecom  equip¬ 
ment  from  the  RUS  List  of  Acceptable 
Materials.  Wave7's  Last  Mile  Link 
product  line  is  now  on  that  list. 


the  company 

The  3-year-old  company  unveiled  its 
line  of  edge  routers  two  weeks  ago  at 
SuperComm  in  Atlanta.  The  SR-Series 
Service  Routers  are  designed  to  enable 
multiple  services  over  an  IP/Multi-proto- 
col  Label  Switch  network,  and  guarantee 
service  levels  through  exhaustive  man¬ 
agement  routines. 

These  management  capabilities  are  what 
differentiates  TiMetra’s  SR-Series  from  com¬ 
petitive  offerings  from  companies  young 
and  old,  including  Cisco,  Juniper,  Laurel 
Networks  and  Vivace  Networks,  analysts  say 

TiMetra  unveiled  three  models  of  the  SR- 
Series:  the  20G  bit/sec  SR-1,  which  occu¬ 
pies  1 ,5U  of  rack  space;  the  60G  bit/sec  SR- 
4, occupying  1/7  rack;  and  the  400G  bit/sec 
SR-12,  occupying  1/3  rack.  All  SR-Series 
routers  utilize  a  common  set  of  interface 
modules  and  small  form-factor  pluggable 
optics,  which  lets  service  providers  mix- 
and-match  media  types  and  optical  reach 
on  a  per-port  basis. 

The  SR-Series  supports  Ethernet  inter¬ 
faces  ranging  from  10/100M  to  10G  bit/ 
sec,  and  TDM-based  interfaces  from  T-l/E-1 
to  OC-192/STM-64.The  routers  support  den¬ 
sities  of  600  Gigabit  Ethernet  or  960  OC- 
12/STM4  ports  per  rack. 

The  SR-Series  routers  also  feature  a 


programmable  chipset  that  TiMetra  calls 
Flexpath.This  is  a  10G  bit/sec  processor  set 
that  enables  service  upgrades  to  be 
achieved  in  microcode,  which  eliminates 
the  substantial  costs  of  line-card  replace¬ 
ments  and  truck  rolls  typically  required 
with  current  routers. 

Flexpath  supports  the  deployment  of 
Ethernet,  frame  relay  and  ATM  Virtual 
Leased  Lines,  RFC  2547bis  BGP/MPLSVPNs 
and  Virtual  Private  LAN  Services  (see  story 
on  VPLS,  page  33). 

But  the  coup  de  grace  of  the  SR-Series  is 
its  operations, administration,  management 
and  provisioning  (OAM&P)  capability,  ana¬ 
lysts  say  This  lets  providers  verify  manage 
and  troubleshoot  IP/MPLS  data  services, 
which  is  uncommon  in  IP/MPLS  service 
provisioning,  the  company  says. 

“It  seems  to  be  a  sticking  point  with  a  lot 
of  the  service  providers,”  says  Roz  Rose- 
boro,  an  analyst  at  RHK.'And  it  seems  to  be 
the  one  thing  that  differentiates  [TiMetra].’’ 

Analyst  Kevin  Mitchell  of  Infonetics  Re¬ 
search  adds, “It  shows  maturity  of  the  tech¬ 
nology  by  focusing  on  the  management 
and  provisioning  as  it’s  just  a  toy  until  a  ser¬ 
vice  provider  can  manage  the  box,  provi¬ 
sion  services  and  bill  for  them.  Now  the 
market  will  decide  if  Alcatel  built  the  right 
box  and  if  it  can  sell  IP.” 


Key  OAM&P  features  of  the  SR-Series 
include: 

•  Service  assurance  tools  to  verify  all  as¬ 
pects  of  a  service,  end-to-end. 

•  Media-access  control  ping  and  trace- 
route  tools  to  locate  network  paths  to  cus¬ 
tomer  premises  devices. 

•  Service  mirroring  to  troubleshoot  ser¬ 
vices  and  capture  traffic  without  having  to 
overlay  network  analyzers  or  deploy  tech¬ 
nicians  to  remote  points  of  presence. 

These  OAM&P  functions  are  embedded 
in  the  SR-Series  logic  and  can  be  activated 
through  a  command-line  interface  or  via 
TiMetra’s  Management  System  (TiMS).TiMS 
also  provides  centralized  provisioning,  fault 
management,  network  and  service  topol¬ 
ogy  mapping  and  service  troubleshooting. 

The  OAM&P  capabilities  of  the  SR-Series 
help  enable  and  ensure  per-service  quality 
of  service,  accounting  and  billing,  and  pro¬ 
visioning  and  diagnostics,  which  lets 
providers  accurately  support  service-level 
agreements, TiMetra  says. 

Pricing  for  the  SR-Series  starts  at  less  than 
$30,000.TiMS  is  expected  to  be  available  in 
the  third  quarter,  with  prices  starting  at 
$60,000. 

TiMetra  is  in  the  process  of  being 
acquired  by  Alcatel.  The  acquisition  is 
expected  to  close  in  the  third  quarter.  E8 
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Service  Providers 


Carriers  need  to  get  in  tune  with 


The  promise  of  IP  telephony  has  been 
a  siren  song  for  years  . . .  with  excep¬ 
tionally  loud  hosannas  emanating 
from  a  certain  network  equipment  vendor 
in  San  Jose. 


But  now  the  chorus  has  been  joined  by 
even  more  voices.  One  is  Microsoft,  which 
is  releasing  the  voice-over-IP  enabled  ver¬ 
sion  of  Windows  CE  next  month,  and  also 
has  a  massive  internal  effort  underway 


THE  RIGHT  PIECE 
BRINGS  IT  ALL 
TOGETHER. 

Imagine  giving 
your  applications 
optimal  performance 
on  blade  servers. 


Thanks  to  the  blade  server  platform,  you've 
reduced  everything — server  size,  space,  cables, 
management  overhead  and  most  importantly, 
costs.  But  then  you  realize  that  even  when 
consolidated,  the  new  server  platform  still  has 
to  meet  the  same  demands:  it  has  to  be  highly 
available,  secure,  scalable  and  completely 
reliable  in  its  performance. 

How  do  you  meet  those  demands  without 
sacrificing  all  you've  just  gained?  F5's  BIG-IP® 
Blade  Controller  software  provides  traffic 
management  that  virtualizes  and  load  balances 
the  blade  server  environment.  Now  you  can  pool 
blades  and  concentrate  their  power,  route  traffic 
to  those  that  are  performing  well,  and  manage 
them  as  a  single  entity.  And  with  BIG-IP  Blade 
Controller  loaded  directly  onto  blade  servers, 
you’re  guaranteed  to  achieve  the  high 
availability  performance  it  takes  to  reliably 
deliver  applications. 

Give  your  imagination  free  reign  and  your 
bottom  line  room  to  grow. 

Visit  www.f5.com/bcnw  to  learn  more  and 
experience  a  flash  demo.  Or  call  800-916-7166. 


www.nwfusion.com 


IP  telephony 

around  VoIP 

Even  more  interestingly,  IP  telephony 
appears  to  be  picking  up  steam  in  the  en¬ 
terprise.  Nemertes  Research  recently  heard 
from  roughly  50  IT  executives,  and  their 
message  was  clear:  IP  telephony  is  here. 
More  than  80%  are  using  the  technology: 
64%  in  a  production  environment  and  20% 
in  trials.  And  hats  off  to  the  folks  in  Red¬ 
mond  for  focusing  on  the  right  issues:  Front 
and  center  concerns  are  integration  with 
enterprise  applications  and  mobility 

Now  let’s  talk  about  some  folks  that  aren’t 
quite  in  tune  with  the  real  issues:  service 
providers.  Here  are  a  few  things  AT&T, 
Equant.Infonet,  MCI, Sprint  and  others  leap¬ 
ing  into  the  IP  telephony  fray  can  do  more 
wisely: 

•  Come  up  with  a  better  ROI  story. 

Service  providers  are  still  hung  up  on  the 
notion  that  the  true  value  proposition  of  IP 
telephony  lies  in  bypassing  the  toll.  That 
doesn’t  work  so  well  when  the  so-called 
“tolls” are,  well,  the  services  you  sell. 

“When  we  researched  the  math,  we 
couldn’t  make  AT&T’s  (IP  telephony)  offer¬ 
ing  work.  It’s  because  they’re  competing 
with  themselves  —  and  why  would  they 
want  to  drive  down  revenue?” says  the  com¬ 
munications  director  for  a  large  manufac¬ 
turing  firm. 

•  Emphasize  managed  services  —  and 
deliver.  “I  would  prefer  to  buy  (enterprise 
IP  telephony)  as  a  service  from  carriers,” 
the  global  telecom  manager  for  another 
large  manufacturer  says.  To  get  this  busi¬ 
ness,  telcos  should  integrate  with  leading 
equipment  vendors,  which  paves  the  way 
for  provider-managed  IP  telephony  ser¬ 
vices.  AT&T  already  has  lined  up  agree¬ 
ments  with  Cisco  and  Avaya,  and  MCI  says 
it’s  doing  the  same. 

Second,  they  should  help  IT  executives 
with  deployments.  Over  a  third  of  IT 
execs  said  poor  voice  quality  was  hold¬ 
ing  them  back  from  further  IP  telephony 
deployments  —  yet  poor  quality  is 
almost  always  an  implementation  issue, 
often  caused  by  inexperienced,  value- 
added  resellers  or  integrators.  IT  execu¬ 
tives  need  qualified  help  of  the  kind  that 
carriers  could  provide. 

•  Deliver  integrated  mobile  solutions.  The 
most  important  IP  telephony  cost-justifier 
cited  by  IT  executives  was  the  ability  to 
enhance  mobility  This  includes  not  only 
wireless  integration,  but  also  the  ability  to 
change  locations  seamlessly  while  remain¬ 
ing  on  the  corporate  voice  (and  particu¬ 
larly  voice  mail)  network.  People  get 
around  this  today  by  using  their  cell  phones 
as  their  primary  phones,  but  such  an 
approach  drives  up  a  corporation’s  cellular 
costs  and  limits  available  functionality. 
Many  companies  would  leap  at  the  chance 
to  reduce  cellular  costs  and  improve 
mobile  connectivity  at  the  same  time. 

Johnson  is  president  and  chief  research 
officer  at  Nemertes  Research,  an  indepen¬ 
dent  technology  research  firm.  She  can  be 
reached  at  johna@nemertes.com. 
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SHAPING  YOUR  NETWORK 


VPLS  removes  complexity  from  network 


HOW  IT  WORKS 


VPLS 


Virtual  Private  LAN  Service  uses  routed  IP/MPLS  to 
provide  a  multipoint,  switched  Ethernet  LAN  service 
to  each  customer. 


O  Customer  1’s  router  in  L.A.  sends  packets  with  802.1q  VLAN  tags  to  edge  router. 

©  Edge  router  looks  up  the  destination  MAC  address  in  the  forwarding  information  base  (FIB)  associated 
with  Customer  1’s  VPLS  service. 

©  Edge  router  appends  virtual  channel  label  for  Customer  1  and  transport  label,  and  sends  packet  along 
label  switched  path  tunnel. 

©  Intermediate  label  switched  routers  (LSR)  switch  packet  toward  destination  based  on  transport  label. 

©  Destination  edge  router  removes  transport  and  virtual  channel  labels,  looks  up  destination  and  forwards 
packet  to  Customer  1  router  in  New  York. 


■  BY  LINDSAY  NEWELL 

Many  network  managers  wish  to  connect 
their  geographically  dispersed  locations 
with  a  protocol-transparent,  any-to-any  full- 
mesh  service.  This  is  difficult  for  service 
providers  to  achieve  with  existing  network 
architectures  such  as  ATM  and  frame  relay 

Virtual  Private  LAN  Service  (VPL5)  has 
emerged  to  meet  this  need.  A  proposed 
IETF  standard,  VPLS  is  a  class  of  VPN  that 
supports  the  connection  of  multiple  sites 
in  a  single  bridged  domain  over  a  man¬ 
aged  IP/Multi-protocol  Label  Switching 
(MPLS)  network.  All  services  in  a  VPLS 
appear  to  be  on  the  same  LAN,  regardless 
of  location.  This  removes  complexity  from 
enterprise  networks,  and  lets  carriers  scale 
the  networks. 

A  VPLS  presents  an  Ethernet  interface  to 
customers,  simplifying  the  LAN/WAN 
boundary  for  service  providers  and  cus¬ 
tomers,  and  enabling  rapid  and  flexible  ser¬ 
vice  provisioning,  because  the  service 
bandwidth  is  not  tied  to  the  physical  inter¬ 
face.  A  100M  bit/sec  interface  can  support 
a  service-level  agreement  with  anywhere 
from  1 M  to  1 00M  bit/sec  of  customer  traf¬ 
fic,  typically  in  increments  of  1M  bit/sec. 


Got  great  ideas 


■  Network  World  \$  looking  for  great 
ideas  for  future  Tech  Updates.  If  you 
want  to  contribute  a  primer  on  a  spe¬ 
cific  technology,  standard  or  protocol, 
contact  Amy  Schurr,  senior  managing 
editor,  features  (aschurr®  nww.com). 


A  VPLS  uses  edge  routers  that  can  learn, 
bridge  and  replicate  on  a  per-VPLS  basis. 
These  routers  are  connected  by  a  full  mesh 
of  MPLS  label  switched  path  (LSP)  tunnels, 
enabling  any-to-any  connectivity  Multiple 
services  can  be  carried  within  each  LSP 
tunnel. 

All  services  in  a  VPLS  are  identified  by  a 
unique  virtual  channel  label,  which  is 
exchanged  between  each  pair  of  edge 
routers. 

Edge  routers  use  these  virtual  channel 
labels  to  demultiplex  traffic  arriving  from 
different  VPLS  nodes  over  the  same  LSP 
tunnel.  Label  switch  routers  in  the  path 
switch  traffic  based  on  the  outer  (trans¬ 
port)  label,  so  the  virtual  channel  label  is 
only  visible  to  the  final  edge  router,  where 
the  service  terminates. 

As  traffic  arrives  on  access  ports,  edge 
routers  collect  customers’  media  access 
control  (MAC)  addresses.  Each  router  pop¬ 
ulates  the  addresses  in  a  forwarding  infor¬ 
mation  base,  or  table  of  MAC  addresses,  it 
maintains  for  each  VPLS  node.  All  cus¬ 
tomer  traffic  is  switched  according  to  MAC 
addresses,  and  forwarded  across  the  ser¬ 
vice  provider  network  using  the  appropri¬ 
ate  LSP  tunnels. 

Because  most  companies  use  routers  for 
their  WAN  connections,  the  edge  routers  in 
a  VPLS  are  exposed  only  to  a  single  MAC 
address  at  each  customer  location,  thus 
each  edge  router  can  scale  to  support 
thousands  of  VPLS  services. 

In  many  situations,  multiple  customers  in 
the  same  location  wish  to  use  a  VPLS. 
Rather  than  have  each  customer  use  a  sep¬ 
arate  physical  connection  into  the  nearest 
edge  router,  VPLS  provides  a  hierarchical 
approach.  A  less-expensive  multitenant 
unit  switch  is  deployed  at  the  customer 


premises  and  a  spoke  connection  multi¬ 
plexes  traffic  between  the  MTU  switch  and 
the  edge  router. 

This  spoke  might  use  stacked  IEEE 
802.  lq  virtual  LAN  tags  in  which  the  outer 
tag  identifies  each  customer  and  the 
inner  tag  identifies  traffic  within  the  cus¬ 
tomer’s  network.  Alternatively,  the  spoke 
might  use  MPLS  LSP  and  virtual  channel 
labels,  creating  a  point-to-point  connec¬ 
tion  between  the  MTU  switch  and  each 
edge  router. 


Although  VPLS  is  not  widely  available 
commercially  its  future  looks  promising. 
The  IETF  standardization  process  is  mov¬ 
ing  forward  and  industry  consortiums  such 
as  Isocore  and  the  MPLS/Frame  Relay 
Alliance  are  holding  multivendor  interop¬ 
erability  events.  This  progress  should  see 
VPLS  as  a  standard  offering  in  2004. 

Newell  is  product  marketing  manager  for 
TiMetra  Networks.  He  can  be  reached  at 
lnewell@timetra.  com 


Dr.  Internet 


By  Steve  Blass 


Some  newer  browsers  block  our  e-commerce 
site's  cookies  because  we  don't  have  a  compact 
privacy  policy.  How  do  we  implement  one? 


Compact  privacy  policies  are  part  of  the  World 
Wide  Web  Consortium's  Platform  for  Privacy 
Preference  (P3P)  specification.  In  P3P  1.0,  com¬ 
pact  policies  describe  privacy  policies  for  cookies 
through  additional  HTTP  headers  sent  to  the 
browser  along  with  the  cookies.  P3P  headers  point 
to  the  URL  of  the  site's  P3P  Policy  Reference  file 


and  deliver  the  compact  privacy  policy  as  a  space- 
delimited  string  of  tokens.  Both  can  be  sent  in  one 
header.  P3P  headers  should  be  sent  before  Set- 
Cookie  headers.To  implement  compact  policies, 
you  need  a  P3P  Policy  file,  a  P3P  Policy  Reference 
file,  and  the  ability  to  serve  P3P  headers  to  brows¬ 
er  clients.  The  Policy  and  Policy  Reference  files  are 
machine-readable  XML  files.  See  www.nwfusion. 
com,  DocFinder:  6430  for  links  to  P3P  Policy 
Generators.  Methods  to  add  a  P3P  header  before 
your  Set-Cookie  headers  can  vary.  The  headers 


should  resemble  the  following: 

P3P:  policyref- 7w3c/p3p.xml" 

P3P:  CP-'ALL  DSP  COR  CURa  ADMa  OUR 
NOR  IND  UNI  COM  NAV  INT" 

The  XML  files  can  reside  on  a  different  server.  The 
P3P  headers  must  be  sent  by  the  server  that  se;  , 
the  cookies. 

Blass  is  a  network  architect  at  Change@Work  in 
Houston.  He  can  be  reached  at  dr.  intern?; 
@changeatwork.  com. 
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Python  wrap-up 


In  our  examination  of  the  Python  lan¬ 
guage  so  far  we’ve  looked  at  the  basics, 
some  of  the  advanced  stuff  and  a  few 
architectural  elements.  This  week  we’ll 
look  at  Python  in  practice. 

Back  in  the  first  part  of  this  series  on 
Python  we  ran  up  the  interpreter  and 
talked  about  running  IDLE, the  Python  user 
interface  (really  a  glorified  command-line 
environment).  Python  also  can  be  run 
directly  from  the  system  command  line. 
You  also  can  configure  all  sorts  of  operat¬ 
ing  parameters, such  as  where  modules  are 
loaded  from,  what  Python  file  should  be 
run  automatically  on  start-up  and  what  de¬ 
bugging  options  should  be  used. 

How  you  set  these  parameters  will 
depend  on  which  operating  system  you  are 
running.  On  the  Macintosh  there's  a  sepa¬ 
rate  utility  for  editing  the  configuration  file; 
under  Windows  and  Unix  you  specify  the 
parameters  or  file  containing  them  on  the 
command  line. 

Now  remember:  Python  is  a  script  lan¬ 


guage  —  the  Python  interpreter  reads  a 
plain  text  source  file  and  translates  it  to 
byte  code  or  intermediate  language.  This 
byte  code  is  saved  in  a  file  of  type  .pyc  in 
the  same  subdirectory  as  the  source  file 
(its  file  type  will  be  .py). 

Python  is  smart  enough  to  keep  the  inter¬ 
preted  byte-code  version  and  use  it  instead 
of  the  source  version  for  subsequent  pro¬ 
grams,  as  long  as  the  date  and  time  stamp 
on  the  original  .py  file  aren’t  later  than  the 
.pyc  file.  The  .pyc  files  are  platform-inde¬ 
pendent  so  a  common  directory  can  be 
shared  over  a  network. 

Another  form  of  byte-code  file  Python 
creates  are  files  of  the  type  .pyo,  which  are 
optimized  by  removing  certain  control 
statements.  This  type  also  can  cause  prob¬ 
lems  and  prevent  successful  execution. 

Although  .pyc  and  .pyo  files  run  no  faster 
than  starting  with  the  original  source  file, 
you  lose  the  load  time  it  takes  for  the  inter¬ 
preter  to  read  the  source  file  and  translate 
it  to  byte  code  (which  can  be  significant). 

As  it  happens,  you  can  use  the  .pyc  and 
.pyo  files  for  distribution  because  it  is  not 
easy  to  reverse-engineer  these  formats. 

In  the  first  part  we  mentioned  that  Python 
can  be  used  as  a  Common  Gateway  Inter¬ 
face  interpreter.  Under  Microsoft’s  Internet 
Information  Server  you  can  install  Python 


through  the  Internet  Services  Manager. 
Open  the  properties  of  the  individual  ser¬ 
ver  you  want  to  change,  or,  if  you  want  to 
apply  the  service  to  all  Web  servers,  use  the 
WWW  Service  Master  properties.  On  the 
Home  Directory  tab  under  the  Application 
Settings  click  the  Configuration  button. 

This  shows  the  defined  file  handlers.  Click 
the  Add  button  and  enter  the  following: 

Executable:  “<path>\python.exe”  -u  “%s” 
“%s” 

Extension:  .py 

Change  the  <path>  to  match  the  path  to 
the  Python  executable  and  then, optionally 
add  similar  entries  for  the  extension  .pyc 
and,  if  you  plan  to  use  it,  .pyo.  The  quotes 
are  important.  Also  note  that  the  switch  “-u” 
is  required  to  use  unbuffered  binary  input 
and  output  (this  means  each  character  is 
sent  and  received  immediately  as  a  full 
eight-bit  character  —  buffering  must  not  be 
used  in  a  CGI  environment). 

But  wait!  There’s  more! 

Spyce  (see  www.nwfusion.com,  Doc- 
Finder:  6334)  is  a  server-side  language  that 
provides  Python-based  dynamic  HTML 
generation  a  la  JSP  or  ASP  Spyce  is  Python 
embedded  in  HTML.  It  also  can  be  used  as 
a  command-line  utility  for  static  text  pre¬ 
processing  or  as  a  Web  server  proxy 

Spyce  consists  of  a  small  core  module 


with  additional  modules,  including  access 
to  HTTP  requests,  generation  of  HTTP  re 
sponses  and  error  handling.  A  preliminary 
release  of  workflow  automation  also  is 
available  that  provides  state  machine 
based  application  design. 

Other  Python-based  projects  include: 

•  SimPy  (DocFinder:  6335):  A  freeware 
process-based  discrete-event  simulation 
language  based  on  standard  Python  that 
provides  all  the  components  of  a  simula¬ 
tion  model. 

•  Mailman  (DocFinder:  6336):  A  free  Web- 
integrated  mailing  list  manager  that  offers 
built-in  archiving,  automatic  bounce  pro¬ 
cessing,  content  filtering,  digest  delivery 
and  spam  filtering. 

•  Zope  (DocFinder:  6337):  An  open 
source  application  server  that  provides 
content  management,  portals  and  custom 
applications  written  in  Python,  and  in¬ 
cludes  a  built-in  Web  server  and  search 
engine. 

Python  is  a  remarkable  language  that  def¬ 
initely  should  be  considered  for  projects 
ranging  from  routine  network  manage¬ 
ment  tasks  and  applications  support  to 
driving  serious  enterprise  solutions. 

If  you1  re  using  Python,  let  us  know!  Brag 
away  at  gearhead@gibbs.com. 


Quick  takes 
on  high-tech  toys 

By  Keith  Shaw 


Over  the  past  few  weeks,  several  companies  launched 
new  projectors  for  showing  your  PowerPoint  presen¬ 
tations  and  watching  your  new  favorite  DVD.  Some 
new  features  include  wireless  (802.11b)  connectivity  and 
enhanced  brightness  or  color  levels  to  help  enhance  pre¬ 
sentations  or  movie  watching.  Here’s  a  quick  roundup: 

•  HP  announced  two  series  of  projectors  —  the  xp8000 
series  (two  models)  and  the  vp6100  series  (two  models). 
The  xp8000  series  is  designed  for  professional  audiovisual 
use  and  includes  HP’s  dual-color-wheel  technology,  which 
provides  switching  between  three  presentation  modes  — 
business-graphics,  theater-video  and  super-bright  —  let 
users  pick  which  feature  (bright  colors  for  presentations, or 
shaipness  for  theater-video, or  just  bright  whites)  they  want 
the  projector  to  highlight. 

The  xp8010  (about  $5,000,  available  next  month)  pro¬ 
vides  2,600  lumens  of  brightness,  and  the  xp8020  (no 
price  available)  provides  3,300  lumens.  A  wireless 
adapter  will  be  available  next  month  for  $699,  HP  says. 

The  vp6100  is  a  value-based  series  aimed  at  the  edu¬ 
cation  and  government  market,  the  company  says. The 
vp6U0  provides  1,500  lumens  of  brightness,  and  the 
vp6120  pr  vides  2,000  lumens.  The  vp61 10  is  priced  at 
$1,500, the  vp6120  at  about  $2,000. 

•  Canoi.  launched  its  LV-7555  LCD  projector,  which 
projects  at  4,600  lumens  and  has  a  900:1  contrast  ratio, 
the  compan;  says.  Tire  projector,  which  costs  about 
$8,000  and  wnl  be  available  next  month,  is  suitable  for 


Vendors  launch  bevy  of  #  projectors 


large  auditoriums  and  conference 
rooms.  It  includes  a  “silent  mode”  that 
reduces  fan  noise  to  35  decibels.  The 
optional  Network  Imager  can  be 
attached  to  the  projector,  which  offers 
Ethernet  connectivity  to  let  IT  managers 
perform  functions  remotely.  With  the  network 
adapter,  IT  managers  can  receive  e-mailed  status  alerts, 
such  as  when  a  projector  lamp  goes  bad. 

•  Mitsubishi  Digital  announced  two  projectors  —  the 
Mini-Mits  XD50U  and  the  HC2  Home  Cinema  ColorView 
projector. The  XD50U  is  a  lightweight  (3.4  pounds)  Digital 
Light  Processing  projector  with  1,500  lumens  of  brightness 
and  a  1 ,500: 1  contrast  ratio.  It  costs  about  $3,500  and  will  be 
available  later  this  month,  Mitsubishi  Digital  says. 

The  HC2  projector  is  aimed  at  the  home  theater  market, 
and  includes  support  for  4:3  and  16:9  aspect  ratios, 
Mitsubishi  Digital  says.  The  projector  has  1,100  lumens  of 

■  •-  ... 


The  HC2  Home  Cinema  ColorView  projector  lets  users  switch 
between  two  extra  video  sources,  such  as  DVD  player  or  VCR. 


InFocus'  LP120  projector,  seen  here 
with  the  LiteShow  adapter,  is  small 
enough  to  fit  in  a  glove  compartment 
LiteShow  enables  wireless  connectivity 
for  any  projector. 

brightness  and  a  600:1  contrast  ratio,  and 
weighs  6.4  pounds.  Remote  control  lets  users 

switch  between  two  extra  video  sources,  such  as  a  DVD 
player  or  VCR.  The  HC2  costs  about  $2,000.  Go  to 
www.nwfusion.com,  DocFinder:  6341,  for  more  details. 

•  Benq  also  announced  new  projectors.The  PB2220  is  a 
3-pound  projector  that  offers  1,700  lumens  of  brightness 
and  a  2,000:1  contrast  ratio.  It  costs  about  $3,000.  The 
PB2120  (same  projector,  but  with  SVGA  support)  has  1,200 
lumens  of  brightness  and  a  2,000:1  contrast  ratio, and  costs 
about  $2,200.  Both  projectors  will  be  available  in  July. 

The  PB7220  is  a  5.6-pound  projector  with  2,500  lumens  of 
brightness  and  a  2,000:1  contrast  ratio.  It  will  be  available 
next  month  for  about  $5,500. 

The  PB8230  is  a  “crossover  digital  projector”  —  for  use  at 
work  and  home.  It  provides  2,500  lumens  of  brightness  and 
has  a  2,000:1  contrast  ratio.The  projector,  which  is  priced  at 
about  $5,000,  will  be  available  by  the  end  of  the  month. 

•  InFocus  launched  the  LP120,  which  weighs  less  than  2 
pounds  and  is  small  enough  to  fit  into  the  glove  compart¬ 
ment  of  a  car.The  LP120  has  1 ,100  lumens  of  brightness  and 
a  2,000:1  contrast  ratio.  Pricing  has  not  been  announced, 
and  the  projector  is  expected  to  ship  this  summer. 

InFocus  also  announced  a  wireless  LAN  adapter  that 
attaches  to  any  projector  with  a  standard  MI-DA  or  MI-D 
connector.  With  the  adapter,  users  can  run  presentations 
via  a  wirelessly  enabled  notebook.  The  LiteShow  adapter 
will  be  available  this  summer  for  about  $500,  InFocus  says. 

Shaw  can  be  reached  at  kshaw@nww.com. 
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Avocent  Corporation 

DSR800 

(256)  430-4000 
www.avocent.com 
Booth  #3809 

Avocent’s  DSR800,  designed  for  local 
and  remote  server  access  and  control 
in  lower-density  applications  and  dis¬ 
tributed  locations,  is  a  cost  effective 
8-port  KVM  switching  system.  The 
DSR800  offers  access  through  TCP/IP 
connections,  dramatic  reduction  in 
cable  volume,  and  optimal  scalability 
and  flexibility  analog  KVM  access  at 
the  rack,  and  IP  connectivity  at  the 
desk  —  anytime,  anywhere. 
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CrossTec  Corporation 

NetOp  Remote  Control 
NetOp  School 

(800)  675-0729  •  (561)  391-6560 
www.Net0pUSA.com  •  www.GrossTecCorp.com 
Booth  #4017 

New  NetOp  Remote  Control  v7.6, 
winner  of  PC  Magazine’s  Editor's 
Choice  Award,  features  a  wealth  of 
improvements  including  faster  speed, 
support  for  Windows  Server  2003  and 
powerful  new  security  enhancements. 
Customers  can  now  use  a  PDA,  note¬ 
book,  tablet  or  desktop  PC  to  remotely 
control  Windows,  Linux,  Solaris  or 
Mac  workstations. 
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Because  Performance  Counts 

Ixia 

(818)  871-1800 
www.ixiacom.com 
Booth  #3825 

Ixia,  a  leading  provider  of  high-speed 
performance  analysis  systems,  will  be 
demonstrating  its  eWEEK  Excellence 
Award  winning  Enterprise  application 
testing  solution  called  the  Real  World 
Traffic™  Suite. The  Suite  integrates 
the  best  of  Ixia  hardware/software 
solutions  and  third-party  test  applica¬ 
tions  in  the  world’s  first  combined 
software  application  and  line-speed 
network  testing  platform. 
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nexhraOne 


A  PLATINUM  EQUITY  COMPANY 


NextiraOne 
(713)  307-4000 
www.Nextira0ne.com 

With  more  than  500,000  implementa¬ 
tions,  global  scope,  close  to  half  of  the 
Fortune  50  as  customers  and  a  proven 
ability  to  provide  measurable  business 
value  to  our  customers,  NextiraOne  is 
a  leading  provider  of  network  solutions 
and  services.  The  Houston-based  com¬ 
pany  delivers  world-class  solutions  and 
LifeCycleSM  services  from  planning  and 
design,  through  the  implementation, 
support,  and  management  of  voice, 
data,  and  converged  communications 
networks.  NextiraOne  offers  consulta¬ 
tion  and  solutions  development  ranging 
from  contact  center  applications  and 
network  infrastructure  outsourcing  to 
managed  services. 
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Rose  Electronics 

UltraLink,  KVM  access  over  IP 

(800)  333-9343  •  (281)  933-7673 

www.rose.com 

Booth  #2128-2130 

UltraLink  sets  a  new  standard  in 
remote  management  of  server  room 
environments. The  UltraLink  digitizes, 
scales,  compresses,  and  encrypts  the 
remote  computer's  video,  and  packe- 
tizes  it  into  the  TCP/IP  protocol.  This 
process  allows  you  to  access  remote 
computers  from  anywhere.  Call  Rose 
to  learn  more  about  KVM  Access  over 
IP,  KVM  Switches,  and  Extenders. 


TPIDWIRr 
I  ni  r  Win  t 


Tripwire,  Inc. 

Tripwire  for  Servers 
Tripwire  for  Network  Devices 

(503)  276-7500 
www.tripwire.com 

Tripwire  delivers  Integrity  Management 
solutions  for  IT  security  and  operations 
staffs  so  they  can  reduce  operational 
risk  by  effectively  controlling  change 
to  IT  systems,  regardless  of  the  source. 
Managing  integrity  is  essential  to 
ensure  systems  security,  audit  and 
compliance  and  closing  the  loop  on 
change  and  configuration  management 
processes. 


■  ■  vs 
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EDITORIAL 

John  Dix 

Experts  help 
squeeze  deals 
out  of  carriers 

Are  you  paying  2  cents  per  minute  for  on-net  voice?  if 
not,  maybe  it’s  time  to  bring  in  some  expert  help.  With 
carrier  bills  still  accounting  for  a  large  part  of  the  net¬ 
work  budget,  it’s  hard  to  ignore  the  claims  of  telecom  nego¬ 
tiating  pros  who  say  they  are  helping  clients  chop  huge 
chunks  out  of  their  voice,  wireless  and  data  bills. 

Take  G2,  a  3-year-old,  five-person  boutique  in  Pinehurst, 
N.C.  Co-founder  and  COO  Jeffery  Carlson  says  his  cus¬ 
tomers  are  averaging  35%  savings,  but  the  swing  is  from 
20%  to  70%. 

“The  major  carriers  all  price  to  market  average,  and 
unless  expertly  negotiated,  it  is  likely  your  company  will 
receive  an  average  telecommunications  contract,”  G2 
argues.'The  carriers  . . .  give  customers  the  perception 
they  have  obtained  the  best  possible  rates  and  terms. 
Common  sense  dictates  that  not  every  company  can  . . . 
receive  the  best  contract.” 

Like  competitors  Telwares  and  TechCaliber,G2  is  staffed 
by  telecom  contract  experts,  many  of  them  having  come 
from  the  carrier  side,  so  they  know  all  the  inside  tricks. 

“We  know  how  to  identify  weaknesses  in  the  carriers’ 
position  and  leverage  that,”  Carlson  says. 

The  negotiating  firms  typically  are  paid  a  percentage  of 
the  savings  generated.  Carlson  says  they  get  10%  to  25%  of 
the  savings,  depending  on  the  engagement. 

And  the  savings  isn’t  created  by  pushing  clients  to  fly-by- 
night  carriers. 

“Seventy-five  percent  of  the  time  the  incumbent  keeps 
the  business,”  Carlson  says.“Ninety  percent  of  the  time  the 
business  goes  to  a  Tier-1  carrier.” 

The  network  architect  of  a  Fortune  500  company 
backed  that  up.  His  company  called  in  G2  to  help  negoti¬ 
ate  an  AT&T  contract  and  ended  up  with  33%  savings.  He 
said  that  G2  “was  easy  to  work  with  and  knowledgeable 
about  the  industry” 

This  user’s  biggest  savings  were  on  the  data  side,  where 
volume  is  going  up,  but  he  wouldn’t  reveal  details.  On  the 
voice  side,  however,  the  company  is  now  paying  2  cents 
per  minute  for  on-net  to  on-net  calls  (where  AT&T  pro¬ 
vides  the  local  T-l  lines  into  the  cloud)  and  2.5  to  3  cents 
per  minute  for  on-net  to  off-net  traffic.That’s  typically  a 
price  that  much  larger  companies  get,”  he  says. 

He  also  was  pleased  that,  although  his  new  contract  is 
for  three  years,  escape  clauses  would  let  him  exit  earlier, 
if  needed. 

Carlson  says  customers  generally  can  expect  5%  to  10% 
greater  discounts  on  data  than  they  can  generate  on  the 
voice  side  With  wireless,  reductions  average  50%. 

Apply  these  percentages  to  bills  featuring  strings  of 
zeros  and  you're  suddenly  talking  real  money. 

—  John  Dix 
Editor  in  chief 
jdix@nivw.com 
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opinions 


Theory  of  evolution 

Regarding  Mark  Gibbs’  Backspin  column  “Fables  and 
morals”  (www.nwfusion.com,  DocFinder:  6322):  The 
next  fable  should  cover  evolution  or  adaptation.  No 
matter  what  AOL,  Microsoft  and  Yahoo  do  to  block 
spam, spammers  will  evolve  to  get  around  them.  I  just 
received  an  alarming  indication  of  this  evolution.  I 
often  end  my  e-mails  with  a  (hopefully)  funny  mis¬ 
spelled  or  made-up  name.  I  just  got  a  spam  with  one 
of  these  names  in  the  “To”  field.  1  only  ever  use  these 
names  in  the  text  body  never  as  a  visible  alias  any¬ 
where  else.  How  did  the  spammer  get  my  name? 
Whether  it  was  electronic  snooping,  bribing  my 
friends  to  forward  my  e-mails  or  some  other  means, 
to  me  it  represents  an  escalation  of  hostilities. 

Andrew  Stodart 
Halifax,  Nova  Scotia 

Tweak  needs  tweaking 

I’ve  enjoyed  Mark  Gibbs’  series  of  Gearhead 
columns  on  Windows  registry  but  wanted  to  let  him 
know  that  in  his  column  “Tweaking  the  registry” 
(DocFinder:  6323), tweak  4, “Change  the  dialog  box,” 
can  be  accomplished  without  going  into  the  registry 
Open  the  Local  Policy  Editor/Local  Policies/Security 
Options  and  you’ll  find  the  same  setting  there.This  is 
much  easier  than  navigating  through  hives.  Doing  it 
through  the  registry  however,  makes  it  easier  to  make 
the  same  changes  to  many  computers. 

Todd  Colvin 
Computer  training  specialist 
Search  Group 
Sacramento,  Calif. 

Going  to  pot 

The  juxtaposition  of  Paul  McNamara’s  ’Net  Buzz  col¬ 
umn  on  Internet  gambling  (DocFinder:  6324)  with 

E-mail  letters  to  jdix@nww.com  or  send  them  to  John  Dix.  editor  in 
chief,  Network  World,  1 18  Turnpike  Road,  Southborough,  MA  01 772. 
Please  include  phone  number  and  address  for  verification. 


Mark  Gibbs’  Backspin  column  mentioning  the  U.Ki 
Internet-enabled  toilets  (DocFinder:  6325)  has  given 
me  an  idea  to  suggest  to  New  York  City  which  for 
decades  has  been  fussing  about  its  lack  of  public 
toilets  and  the  maintenance  costs  of  those  it  pro¬ 
vides.  New  York  should  install  streetside  potties  such 
as  those  planned  for  the  U.K.,  but  make  sure  the 
home  page  for  all  those  com-poopers  is  a  city-oper¬ 
ated  gambling  site.  Or,  if  they  preferred,  the  potty 
patrons  could  shoot  online  craps. 

Dan  Chain 
Cheshire,  Conn. 

Herd  mentality 

Regarding  the  story  “IT  job  picture  remains  bleak” 
(DocFinder:  6326): There  was  a  time  when  manage 
ment  used  criteria  to  make  decisions.  Now  it  seems 
that  management  has  turned  to  the  herd  mentality. 
Outsource  equals  good;  hiring  equals  bad.  And  the 
accountant  spreadsheets  probably  can  “prove”  the 
wisdom  of  this  approach. 

It’s  like  what  managed  care  did  for  the  healthcare 
industry.  We  were  told  that  introducing  a  new  profit¬ 
taking  player  into  the  healthcare  money  stream 
would  improve  service  and  lower  cost.  Even  though 
this  makes  no  sense,  the  healthcare  industry  went 
that  way  Is  your  healthcare  better  or  cheaper  today? 

Ken  Weber 

Exeter,  N.H. 

Not  the  first 

Regarding  the  story  “IBM  spinoff  aims  to  secure 
servers”  (DocFinder:  6327):  While  these  devices  are 
fairly  new,  I  wouldn’t  say  14  South  Network’s  PCI  fire 
wall  (IntraLock)  is  “the  first  of  its  kind.”SnapGear  has 
already  shipped  such  a  product, and  it  appears  there 
is  a  similar  product  on  the  market  from  NetMaster. 

Dan  Bremner 
President 

Castema  Technology  Services 
Arlington  Heights,  Ill. 


More  online!  www.nwfusion.com  Find  out  what  readers  are  saying  about  these  and  other  topics.  DocFinder  6321 
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INTERNET  ADVISOR 

Daniel  Blum 

Security  Assertion  Markup  Language  and 
Liberty  Alliance  specifications  for  feder¬ 
ated  identity  are  in  early  adoption  and 
offer  advantages  to  large  organizations. 
Creating  a  single-sign-on  (SSO)  environment  for  the  Web  is  painful 
without  federated  identity  because  many  applications  have  their  own 
concept  of  a  “session.”  In  practice,  this  means  that  in  addition  to  a  secu¬ 
rity  portals  encrypted  SSO  cookie, applications  deposit  their  own  cook¬ 
ies  on  users’  desktops.  Strange  or  unpredictable  behavior  can  result 
when  cookies  have  different  time-out  periods,  or  when  users  log  on 
from  within  an  application  rather  than  at  the  portal  level. 

These  and  other  integration  problems  can  reduce  reliability  especi¬ 
ally  as  a  corporation  increases  the  number  of  interconnections  it  sup¬ 
ports  with  external  sites,  users  and  applications.  Moreover,  when  you’re 
trying  to  extend  SSO  across  external  Web  applications  through  tradi¬ 
tional  means,  many  interconnections  require  customization  —  extra 
code,  proxy  accounts  or  even  proxy  machines  —  to  implement. 

By  leaving  behind  complex  application  security  integration  schemes 
in  favor  of  the  loosely  coupled,  disconnected  session  security  that 
SAML  offers,  corporations  will  find  it  is  easier  to  create  reliable  pro¬ 
cesses  and  transactions  that  cross  multiple  Web  sites. 

Companies  also  can  reduce  other  identity-management  challenges, 
such  as  help  desk  calls  for  password  reset.  Particularly  in  the  case  of 
business-to-business  interactions,  corporations  can  accept  SAML 
authentication  assertions  from  their  trading  partner  instead  of  main¬ 
taining  accounts  for  external  users. 

Alternatively  as  vendors  demonstrated  in  21  Liberty  Alliance  imple¬ 


SAML,  Liberty  offer  identity  gains 


mentations  at  the  RSA  Security  Conference  in  April,  it’s  possible  to  link 
user  accounts  or  profiles  across  multiple  sites  using  Liberty’s  “opaque 
identifier”  and  getting  users’  permission  ahead  of  time.  In  many  cases, 
only  one  of  many  sites  needs  to  act  as  the  identity  provider  (IDP)  and 
maintain  passwords  for  users.  In  other  cases,  users  log  on  to  any  site  act¬ 
ing  as  an  IDP  and  still  experience  federated  SSO’s  convenience. 

Some  project  managers  already  have  interconnected  multiple  sites  or 
applications  to  their  federated  identity  environments,  but  others  report 
difficulty  getting  buy-in  from  business  application  owners  or  external 
partners.  Generally  “800-pound  gorilla”  corporations  at  the  center  of 
their  own  trading  hubs  aren’t  having  too  much  trouble  getting  partners 
for  federated  identity  Otherwise, your  results  will  vary 

It  might  make  sense  to  start  your  journey  toward  federated  identity  by 
using  SAML  or  Liberty  as  a  way  to  integrate  some  in-house  or  business- 
to-employee  applications  initially  Consider  making  SAML  a  mandatory 
capability  for  new  applications  and  security  infrastructure  rollouts. 
From  a  policy  perspective,  prepare  for  breaches  on  either  side  of  your 
federation  by  adding  procedures  for  cooperative  risk  management  and 
dispute  resolution  to  business  agreements  or  service-level  agreements. 
Consider  providing  technical  and  business  documentation  for  newbies 
to  review.  And  be  careful  to  set  the  right  expectations  for  progress  based 
on  your  position  in  the  industry  ecosystem  and  your  internal  IT 
environment. 
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Blum  is  senior  vice  president  and  research  director  with  Burton 
Group,  an  integrated  research,  consulting  and  advisory  service.  He  can 
be  reached  at  dblum@burtongroup.com. 


REALITY  CHECK 

Thomas  Nolle 


ionfused  by  all  this  technology  evolu- 
,  tion?  Take  a  lesson  from  Darwin.  If  you 
'  want  to  see  how  an  ecosystem  evolves, 
study  the  animals.  That’s  why  Ciena’s  recent 
acquisition  of  WaveSmith  Networks  and 
Tellabs’  recent  acquisition  of  Vivac  could  be 
bellwether  events.  Watching  dinosaurs  adapt 
to  change  is  a  good  way  to  watch  evolution  in  practice. 

Tellabs  is  a  venerable  survivor  of  the  days  of  digital  cross-connects 
and  leased  lines.  Ciena  is  a  survivor  of  the  optical  hype  collapse,  a 
company  that  learned  how  to  produce  a  bunch  of  cheap  bits  but 
couldn’t  find  a  way  to  turn  them  into  profits  for  its  carrier  buyers.  So 
how  is  it  that  both  companies  turned  to  a  similar  strategy  —  evolve  to 
a  new  market  mission  by  absorbing  a  start-up? 

One  clue  is  that  both  WaveSmith  and  Vivace  make  ATM-centric  IP  ser¬ 
vice  switch  boxes.  Everyone  knows  that  TDM  is  passe,  a  view  the  FCC’s 
February  ruling  reinforced  by  giving  the  regional  Bell  operating  com¬ 
panies  unbundling  immunity  for  packet  infrastructure.  Similarly,  every¬ 
one  knows  that  service  switch  products  that  offer  users  IP  and  frame 
relay/ATM  service  interfaces,  and  support  Multi-protocol  Label 
Switching,  have  figured  prominently  in  both  RBOC  and  interexchange 
carrier  plans.  So  we  can  say  that  the  two  dinosaurs  see  the  same  mar¬ 
ket  climate  in  the  future,  and  not  surprisingly  see  the  same  path  to  suc¬ 
cess.  What’s  less  clear  is  how  Ciena  and  Tellabs  expect  service  switches 
to  help  them  evolve  out  of  their  current  market  positions. 

For  an  optical  player  such  as  Ciena,  a  service  switch  product  could 
provide  a  traffic  on-ramp  for  the  rest  of  its  product  family  It’s  pretty  clear 
that  selling  users  OC-48  private  lines  is  a  nonstarter,  so  a  SONET Avave- 
length  division  multiplexing  optical  network  player  needs  to  have 
some  sort  of  service-creating  equipment  in  front  of  its  optical  layer  to 
provide  users  what  they  want  to  buy  —  services  such  as  frame  relay 
and  IPCiena  apparently  saw  this  requirement  emerging  a  few  years  ago 
and  made  investments  in  Equipe  and  WaveSmith  to  prepare  a  position 


Evolution  by  absorption 


for  itself  when  the  network  market  resumed  growing. 

Ciena  has  a  nice  network  diagram  on  its  Web  site,  which  shows  how 
WaveSmith  and  Equipe  (in  which  Ciena  still  has  an  equity  stake)  play 
in  creating  multiservice  edge,  metropolitan  and  core  networks.  Wave- 
Smith  gives  Ciena  an  electrical  edge  to  its  optical  strategy,  but  it  still  has 
an  electrical  core  option  with  Equipe. 

Tellabs,  long-time  champion  of  all-optical  networking,  clearly  now 
also  sees  the  need  for  a  service  switch  on-ramp.  The  real  question  is 
whether  an  optical  core  can  provide  those  Layer  2  and  3  services  with 
no  internal  electrical  devices  —  Tellabs’  deal  with  Vivace  gives  it  a  ver¬ 
sion  of  WaveSmith,  but  not  Equipe. 

It’s  likely  that  Tellabs’  acquisition  of  Vivace  is  a  response  to  the  Ciena/ 
WaveSmith  deal  rather  than  direct  strategic  thinking.  But  this  doesn’t 
mean  that  Tellabs  won’t  have  to  do  some  thinking,  and  quickly  The 
company  now  is  forced  to  articulate  a  vision  of  the  all-optical  network 
that’s  based  entirely  on  service-edge  electrical  devices.  Tellabs  has  to 
develop  the  Vivace  product  into  a  core  switch  as  well  as  an  edge 
switch,  or  find  an  “Equipe-like”  packet  core  device  that  will  let  Tellabs 
draw  the  same  diagrams  of  customer  networks  as  Ciena  now  can  draw. 

But  pictures  won’t  be  enough. The  Jupiter/Lucent  alliance  brings 
depth  to  the  electro-optical  networking  arena,  and  substance  in  prod¬ 
ucts  and  positioning  will  be  needed  to  counter  it.  Ciena’s  announce¬ 
ment  last  month  of  its  LightWorks  Services  initiative  is  a  step  toward 
both,  but  not  a  delivery  of  either. Tellabs  has  nothing  at  all, yet. 

Absorbing  companies  isn’t  the  same  thing  as  absorbing  ideas. 
Companies  rarely  make  major  strategic  changes  successfully  by  im¬ 
porting  technology  elements  without  importing  strategic  thoughts 
along  with  the  products.  Gluing  feathers  on  a  dinosaur  doesn’t  create  a 
bird.  We’ll  see  if  gluing  service  switches  on  an  optical  player  creates  a 
market  winner  —  or  survivor,  at  least. 

Nolle  is  president  of  CIMI  Corp.,  a  technology  assessment  firm  in  Voor- 
hees,  N.J.  He  can  be  reached  at  (856)  753-0004  or  tnolle@cimicorp.  com. 
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NetOp 

Remote  Control 


Secure  remote  control 
for  large  networks 


software 


Moving  expertise  -  Not  people 


REAL  SECURE 


REAL  CROSS-PLATFORM 


In  an  ideal  world,  organizations  would  have  uniform 
hardware  and  software  across  their  entire  network. 
However ,  in  reality  this  is  seldom  the  case.  Most  large 
networks  are  a  patchwork  of  PCs  and  platforms. 

NetOp  is  the  secure  remote  control  program  designed 
specifically  to  complement  large,  diverse  networks. 
How?  Well  for  one  thing  NetOp  supports  an  unprece¬ 
dented  range  of  platforms,  granting  you  access  to  more 
than  20  different  operating  systems.  NetOp  is  also  the 
only  remote  control  software  on  the  market  offering 
truly  centralized  security.  That  means  you  can  not  only 
control  authentication,  but  also  authorization  all  from 
one  central  location.  Finally,  NetOp  enables  you  to 
effortlessly  install  pre-configured  modules  throughout 
your  entire  enterprise  while  also  interfacing  seamlessly 
with  all  commonly  used  management  console  and  help 
desk  systems.  This  makes  NetOp  easy  to  integrate  into 
your  existing  environment. 

For  fast  remote  control  software  as  broad  and  varied 
as  your  network,  try  NetOp  Remote  Control. 


NetOp  offers  a  wide  range  of  variable  security 
features.  Security  barriers  include  multiple 
passwords,  IP  address  checks,  closed  user 
groups,  authentication,  call-back,  user  con¬ 
trolled  access,  and  authorization.  Virtually  all 
options  can  be  centrally  controlled.  In  addition, 
automated  timeouts  and  256-bit  encryption 
provide  intrusion  protection,  while  session 
recording  and  event  logging  help  detect 
intrusion  attempts. 


Designed  to  complement  large,  complex 
networks,  NetOp  supports  all  commonly  used 
platforms.  That  means  all  Windows  systems 
(including  Windows  Server  2003),  Active  X,  Mac 
OS  X,  Linux,  Solaris  and  even  Symbian  OS, 
Tablet,  and  CE  based  handhelds.  The  NetOp 
Gateway  securely  routes  NetOp  traffic  between 
different  protocols  allowing,  among  other  things, 
communication  with  Terminal  Services  sessions, 
and  solves  firewall  connectivity  issues. 
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Download  a 
fully-functional 
trial  copy  at 

www.NetOpUSA.com 


-jR  Cross  Tec 

Corporation 

CrossTec  Corp. 

500  NE  Spanish  River  Blvd. 

Boca  Raton.  FL  33431 

Toll  free  sales  and  support:  800.675.0729 

www  NetOpU  SA.  com 

lnfo@CrossTecCorp.com 


Fast,  Free,  Sales  &  Technical  Support 
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■  BY  MICHAEL  KARP 


You  use  encryption  to  protect  data  as  it  moves 
across  your  wireless  network.You  use  IP  Security  to 
encrypt  data  coming  in  through  your  VPN. 
Transactions  on  your  Web  site  are  protected  via 
Secure  Sockets  Layer. 

But  what’s  protecting  your  data  as  it  sits  in  storage? 
Or  when  it  moves  from  one  storage  medium  to 
another?  Or  when  it  moves  from  a  main  storage-area 
network  to  a  remote  back-up  system? 

If  the  firewall  represents  perimeter  defense,  then  secure  storage  represents 
defense  at  your  enterprise’s  core,  protecting  the  actual  object  of  any  attack.  And 
four  vendors  —  Decru,  Kasten  Chase,  NeoScale  and  Vormetric  —  have  released 
storage  security  appliances  that  attempt  to  do  just  that. 

Defending  at  the  core  offers  the  advantage  of  protection  against  external 
attacks  and  internal  attacks,  which  might  run  the  gamut  from  a  disgruntled  super- 
user  accessing  corporate  records,  to  theft  of  back-up  tapes,  to  a  rogue  process 
accessing  unauthorized  data  because  of  a  programming  error. 

One  factor  that  makes  life  complicated  for  network  executives  is  that  they’re 
charged  with  the  conflicting  tasks  of  making  data  pervasively  available  while  at 
the  same  time  limiting  access  only  to  authorized  users. 

And  these  days,  data  is  dispersed  throughout  the  corporation  in  many  ways. 
Companies  have  large,  centralized  SANs.They  have  smaller  SANs,  typically  using 
either  Fibre  Channel  or  iSCSI  as  a  transport  mechanism,  distributed  about  the  com¬ 
pany  and  in  some  cases  hundreds  or  even  thousands  of  miles  apart.  They  have  net- 
work-attached  storage  (NAS)  devices  scattered  over  the  corporate  LAN.  And  many 
companies  still  have  their  data  stored  on  direct-attached  storage  devices. 

However,  whatever  the  storage  topology,  when  stored  data  is  accessible  by  any 
unauthorized  person  or  process  it  is  under  threat. 

-  I  N  S  I 

There's  no  silver  bullet  when  it 
comes  to  security.  You’ve  got  to 
defend  your  network  from  all 
kinds  of  attacks  using  every 
means  available.  A  new  set  of 
products  has  emerged  that 
offers  protection  for  stored 
data,  as  well  as  data  in  transit. 


SwapDrive,  an  ASP,  is  using  a  stor¬ 
age  security  appliance  to  protect 
data  and  to  generate  new  business. 


New  storage  security 
appliances  provide  protection 
at  the  network  core. 


Data  defenders 


Storage  security  appliances 


The  four  ages  of  data 

Data  exists  in  one  of  four  states  during 
its  life  cycle:  at  rest  within  some  aspect  of 
the  storage  system;  accessed  by  a  user  or 
by  some  process  (a  database,  for  exam¬ 
ple);  in  transit  on  the  WAN,  LAN  or  SAN; 
and  under  management  by  a  security 
application.  It’s  necessary  to  protect  the 
data  in  each  of  these  states;  anything  less 
likely  will  prove  to  be  no  security  at  all. 

The  new  storage  security  appliances 
address  three  of  these  data  states:  at  rest, 
in  transit  and  being  managed. 

The  secure  storage  appliance 
cometh 

Large  software  companies  such  as 
Computer  Associates  and  IBM/Tivoli  have 
offered  security  applications  for  years, 
and  many  of  their  products  are  running 
on  servers  in  some  of  largest  corpora¬ 
tions  in  the  U.S. Typically  these  are  large 
software  implementations  (often  a  part  of 
an  even  larger  software  suite)  aimed  at 
guarding  against  outside  attacks  and 
which,  correctly  or  not,  are  viewed  by 
many  as  being  the  “high-priced  spread,” 
appropriate  for  the  larger  corporation,  but 
not  applicable  to  cost-sensitive  small  or 
midsize  businesses. 

As  a  result,  CA’s  eTrust  Encryption  and 
Tivoli’s  IntrusionManager,  RiskManager 
and  other  products  often  are  ignored  — 
perhaps  undeservedly  —  by  many 
companies. 

Enter  Decru,  Kasten  Chase,  NeoScale 
Systems  and  Vormetrics  with  a  new  gen¬ 
eration  of  1U  and  2U  rack-mounted  stor¬ 
age  security  appliances.They  all  offer 
similar  features,  such  as: 

•  Appliances  that  encrypt  data  using 
the  256-bit  data  encryption  standard 
known  as  Advanced  Encryption  Standard 
(AES).  AES  is  approved  for  securing  “sen¬ 
sitive  but  unclassified  material”  by  U.S. 
government  agencies  and  is  the  de  facto 
encryption  standard  for  commercial 
transactions. 


Vendor  vitals 


•  Web-based  management  consoles  for 
ease  of  management. These  are  self- 
protected  against  any  attack  on  the  man¬ 
agement  application  and  provide  a 
secure  line  to  the  appliance. 

•  Wire  speed  throughput  —  they  say  — 
indicating  they  should  not  be  a  choke- 
point  for  data  traffic  while  they  perform 
their  security  functions. 

•  Some  deploy  software  agents  to 
servers  or  storage  devices.  Many  IT  man¬ 
agers  these  days  don’t  like  the  idea  of 
distributing  agents  that  take  time  to 
deploy  and  take  up  memory  space  on 
their  servers.  Be  advised  that  the  agents 
for  these  products  are  likely  to  have 
extremely  small  memory  footprints. 

Drilling  down 

DataFort  from  start-up  Decru  attaches  to 
a  Fibre  Channel  SAN  switch  or,  for  IP- 
based  storage  such  as  iSCSI  or  NAS,  on 
the  LAN  between  hosts  and  storage. 

Decru  offers  secure  clusters  with  active 
active  failover,  audit  trails  and  “hardened 
architecture”  for  the  appliance,  and 
requires  use  of  a  smart  card  for  access  to 
the  appliance. The  company  also  offers  a 
device  focused  on  tape  security. 

Kasten  Chase,  hardly  a  start-up,  has  pro¬ 
vided  data  security  solutions  for  a  while 
now. Their  Assurancy  SecureData  protects 
data  on  the  storage  devices  and  when  it 
traverses  the  SAN  fabric.  Data  is  encrypt¬ 
ed  on  the  storage  devices.The  appliance 
attaches  to  the  LAN,  performing  out-of- 
band  authentication  over  the  IP  network. 
Agents  for  Authentication  and  key 
exchange  services  are  loaded  on  the 
switches.  Scalability  and  load  balancing 
are  supported  via  clustering. 

NeoScale,  another  start-up,  builds  the 
CryptoStor  appliance,  a  secure  chassis-box 
with  a  “hardened  operating  system”  that 
supports  centralized  administration  of  all 
storage  security  functions  and  manage¬ 
ment  of  all  remote  appliances  from  a  sin¬ 
gle  point. When  clustered,  the  appliance’s 
failover  functions  ensure  continuity  of 
operation  is  always  available.  NeoScale 


provides  a  second  appliance  for  providing 
security  to  secondary  storage  devices. 

Vormetrics  CoreGuard  Core  Security 
System  consists  of  an  appliance  and  a 
thin  agent  deployed  to  each  server. The 
appliance  manages  access  control 
between  the  hosts  and  the  data,  connects 
to  the  hosts  via  Ethernet  and  can  support 
multiple  host  agents.These  agents  sit 
above  the  kernel  and  should  have  no 


Identifying  the  threats 


effect  on  critical  operating  system  func¬ 
tions.  Because  it  sits  between  the  server 
and  the  data,  the  appliance  should  be 
transparent  to  applications,  networks  and 
storage  topology 

Installation  and  use 

These  boxes  are  installed  and  deployed 
easily,  which  is  a  key  factor  in  accelerat¬ 
ing  time  to  value.  Web-based  interfaces 
(they  also  have  command-line  inter¬ 
faces)  to  the  management  consoles  will 
provide  ease-of-manageability  and  an 
opportunity  to  centralize  the  manage¬ 
ment  of  multiple  appliances,  whether 
they  are  distributed  or  clustered.  Each 
vendor  also  says  its  device  scales  easily. 

And  finally,  appliances  having  secure 
clustering  with  failover  capability  can  be 
considered  a  high-availability  solution. 


The  gotchas 

There  also  are  risks  of  which  you  should 
be  aware.  First,  it  is  unlikely  that  any  site 
will  ever  want  to  buy  just  one  appliance 
because  the  data  won’t  be  available  if  the 
security  appliance  goes  awayYou  will  need 
failover  capability  to  ensure  continuous 
access, and  that  comes  from  another  appli¬ 
ance.  So  there  is  a  good  chance  you  will  at 
least  be  doubling  your  expenditure. 


Second,  once  you  buy  into  a  vendor’s 
product,  you  also  are  likely  to  be  locked 
into  the  vendor. These  products  are  all 
proprietary,  and  Brand  A  doesn’t  know 
anything  about  the  proprietary  protection 
features  of  Brand  B. 

Third,  make  sure  the  product  you  select 
is  interoperable  with  your  current  storage 
assets.  Is  iSCSI  in  your  future?  Will  you  be 
getting  one  of  the  new  director  class 
switches  for  your  SAN?  If  so,  talk  to  your 
storage  vendors  about  how  well  they 
work  with  the  security  appliance  you  are 
considering. You  want  zero  impact  on  the 
functioning  of  existing  systems,  which 
means  these  devices  must  be  transparent 
to  impact  on  performance  and  to  exist¬ 
ing  management  systems. 

Fourth,  verify  that  the  product  you  buy 
will  scale  to  the  extent  you  will  need. 
After  all,  these  appliances  are  relatively 
new  technology  and  are  only  beginning 
to  create  a  track  record. Trust,  but  verify. 

Is  it  worth  it? 

Consider  the  portability  of  most  data. 
What  your  company  has  might,  inadver¬ 
tently  or  not,  go  out  the  door  on  a  dis¬ 
carded  disk  drive,  on  some  old  tape  or 
on  a  soon-to-be  lost  laptop.  Or  you 
could  be  hacked.  Either  way, your 
unprotected  data  is  in  danger  of 
becoming  somebody  else’s  information. 

Ultimately,  you  just  have  to  remember 
one  thing:  The  effort  an  adversary  puts 
into  stealing  your  data  is  likely  to  be 
proportional  to  the  value  of  the  reward. 
If  your  data  isn’t  critical,  why  bother?  If 
it  is,  the  hackers  are  out  there. 

Karp  is  an  analyst  at  Enterprise  Manage¬ 
ment  Associates.  He  can  be  reached  at 
mkarp@enterprisernanagemenl.  com. 


Four  companies  are  offering  storage  security  appliances. 


Company/ 

product 

Encryption 

Price 

Strengths 

Decru 

DataFort 

128/256-bit  AES 

SAN:  $30 K 
NAS:  $30 K 

•  Solutions  for  Fibre  Channel  SAN  and  NAS. 

•  No  software  installed  on  clients,  servers  or  storage  devices. 

•  Hardened  operating  system,  ease  of  management. 

Kasten  Chase 

Assurancy 

SecureData 

128/256-bit  AES 

SAN:  $30K 

•  Hardened  appliance  manages  authentication  and  encryption  keys. 

•  Seamlessly  integrates  into  existing  storage  environment. 

•  Compartmentalization  of  data  eliminates  threat  of  rogue  devices  attaching  to  SAN. 

NeoScale 

CryptoStor 

128/256-bit  AES 

SAN:  $35K 
Tape:  $15K 

•  Centralized  policy  and  key  management. 

•Transparent,  nondiscoverable  operation  means  appliance  cannot  be  discovered 
within  the  fabric. 

•  Software  utility  enables  recovery  of  data  even  if  the  appliance  itself  is  unavailable. 

Vormetric 

CoreGuard 

Proprietary 

MetaGuard 

AES 

SAN:  $29.5K 
agents:  $3K 

•  Prevents  malicious  host  intrusions. 

•  Protects  data  at  rest. 

•  Blocks  root  from  viewing  data. 

Data  is  vulnerable  to  different  types  of  exploits  depending  on  its  location. 


Data  state 

r-  i 

Location 

■ 

Threat 

At  rest 

Storage  system/subsystem/ 
server/backup  media/DR  sites 

Data  theft,  corruption 

In  transit 

‘‘On  the  wire”  across  a  SAN, 
LAN  orWAN/on  movable  media/ 
data-in-a-truck 

Data  theft  through  intercepting 
data  in  motion 

In  use 

Users/in  applications/on  servers 

Uncontrolled  access 

Being  managed 

Management  console 

Compromising  the  console 
compromises  the  security  system 

©2003  Quantum  is  a  trademark  of  Quantum  in  the  United  States  and  other  countries  All  other  trademarks  are  the  property  of  their 
respective  companies.  Specifications  are  subject  to  change  without  notice.  For  more  information  call  1-866-827-1500. 


ATL  M-Series 


ATL  L-Series 


DX-Series 


Storage  solutions  that  save  you  time,  save  your  data  and  save  your  hide.  In  the  world  of  data 
storage,  the  only  insurance  policy  you  need  is  Quantum.  Recognized  as  the  global  leader  in  data  protection, 
Quantum  provides  superior  data  backup  and  restore  solutions  that  you  can  depend  on  24  hours  a  day, 
seven  days  a  week.  Whether  your  information  resides  on  a  desktop  or  in  a  data  center,  Quantum  provides 
some  of  the  highest  reliability  and  availability  rates  in  the  industry. 

We've  got  you  covered.  With  capacities  ranging  from  640GB  to  766TB,  eight  to  2,394  slots, 
performance  up  to  9.2TB/hr  and  both  DLTtape™  and  LTO  technologies,  Quantum  has  the  right  tape  library 
for  any  business  need.  And  poised  to  become  the  new  backup  and  restore  standard  are  Quantum's 
Enhanced  Backup  Solutions  that  combine  the  speed  of  disk  storage  with  the  reliability  of  tape. 

Whatever  you  need,  Quantum's  got  you  covered. 

Insurance  for  your  insurance.  With  Quantum,  you'll  not  only  get  the 
best  solutions,  you'll  also  get  the  highest  level  of  installation,  warranty,  service 
and  support  options  to  complement  your  backup  systems  and  to  keep 
you  up  and  running. 

O  Speed.  Intelligence.  Confidence.  Simplicity. 

From  the  world's  leader  in  data  protection. 


Win 

a  FREE  trip  to 
COMDEX®* 


Visit  us  on  the  Web  at  www.quantum.com/comdex  and  enter  code  ADV049  to  download 
a  copy  of  "Data  Protection:  The  Bottom  Line"  and  for  a  chance  to  win  a  FREE  trip  to  COMBI 

in  Las  Vegas.  Offer  expires  6/30/03.  coot  auv : 


Making  sure  data  at  rest  stays  at  rest 


SwapDrive’s  use  of  Decru's  DataPort  to  encrypt  stored  data  leads  to  new  revenue  sources. 


■  BY  NANCY  GOHRiNG 

SwapDrive,  a  service  provider  that  backs  up  data  files  for  home  offi 
size  businesses,  was  tired  of  being  turned  down  by  doctors  offices  a 
agencies  because  it  couldn’t  meet  their  strict  security  requirements. 


ces  and  mid- 
nd  government 


SAN  plan 


In  a  Fibre  Channel  SAN,  the  Decru  DataFort  sits  between  the  app  servers 
and  storage  devices. 
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The  storage  security  appliance  encrypts  data  as  it  moves  across  the  network  and  as 
it’s  sitting  in  storage.The  second  appliance  is  for  failover  and  load  balancing. 


NAS  plan 


In  a  network-attached  storage  scenario,  the  storage  security  appliance 
sits  directly  on  the  IP  network. 
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“In  order  to  offer  this  service,  security 
has  to  be  our  middle  name,"  says  David 
Steinberg,  CEO  of  the  Washington,  D.C., 
company. 

Customers  set  up  a  time  each  day 
when  their  computers  automatically 
upload  all  new  files  and  changes  to 
existing  files  to  SwapDrive’s  servers  in 
California  and  Virginia. The  service  lets 
customers  access  files  when  they  aren’t 
at  their  own  computers  and  recover  data 
that  might  be  lost  because  of  computer 
malfunctions.  Customers  sign  up  for  the 
service  mainly  via  their  ISPs,  which 
charge  them  depending  on  how  much 
storage  they  want.  For  $8  per  month,  cus¬ 
tomers  get  200M  bytes  of  space. 

SwapDrive  has  150,000  customers  and 
stores  more  than  20  terabytes  of  data,  but 
found  it  didn’t  have  robust  enough  secu¬ 
rity  to  penetrate  some  potential  customer 
segments.  Steinberg  figures  that  he’d 
locked  up  99%  of  security  problems,  but 
that  remaining  1%  was  a  deal  breaker  for 
companies  in  industries  with  the  most 
stringent  security  requirements. 

SwapDrive  had  implemented  dual  fire¬ 
walls  with  intrusion  detection  that  it 
manages  24/7,  encryption  for  data  in 
transit  and  authentication  that  lets  the 
customer  control  his  password.  But  the 
one  place  SwapDrive’s  system  was  vul¬ 
nerable  was  data  at  rest. 

SwapDrive’s  storage  drives  are  located 
in  cages  and  protected  by  armed  guards. 
Still,  most  companies  know  that  the 
majority  of  hacker  attacks  come  from 
within  a  company 

“Sometimes  the  sawier  user  would  say, 

But  what  about  your  employees’  and  I 
had  to  say, ‘Yeah,  they  could,  but  they 
won  t ’’Steinberg  says. That  response  usu¬ 
ally  wasn’t  enough  assurance  to  con¬ 
vince  those  potential  customers  to  go 
with  SwapDrive. 

Steinberg  started  to  look  around  for 
solutions.  His  biggest  requirement  was 
that  the  product  couldn't  slow  down 
the  back-up  process.“One  of  our  service 
features  is  that  we’ll  serve  up  customer 
storage  practically  as  fast  as  you  could 


get  it  from  your  disk  drive,”  he  says.To 
keep  that  promise,  SwapDrive  wouldn’t 
settle  for  a  solution  that  slowed  down 
the  service. 

Then  Steinberg  discovered  Decru. 
“What  Decru  did  was  lock  up  that  last 
part  of  our  Achilles’  heel,”  he  says. 

Steinberg  was  impressed  by  Decru 
because  it  uses  the  Advanced  Encryp¬ 
tion  Standard  (AES),  the  security  stan¬ 
dard  approved  for  government  agen- 


cies.“Now  when  a  doctor’s  office  gives 
me  hell,  I  can  say, ‘Dude,  the  [National 
Security  Agency]  believes  in  it,  don’t 
tell  me  you  don’t,’”  Steinberg  says. 
Doctor’s  offices  must  comply  with  a 
federal  mandate  requiring  them  to  fol¬ 
low  strict  security  guidelines  for  pro¬ 
tecting  patient  information. 

Decru’s  DataFort  product  not  only 
encrypts  the  data  that  sits  on  SwapDrive’s 
storage  devices,  but  encrypts  data  as  it  is 


transferred  from  SwapDrive’s  servers  to 
the  storage  devices. 

“What  this  says  is  the  curious  guy  in 
[human  resources]  to  the  person  who 
has  more  malicious  intent  wouldn’t  be 
able  to  read  data  even  if  they’re  inside 
the  firewall,”  Steinberg  says. 

SwapDrive  considered  other  offerings 
based  on  Triple-DES,  the  previous  stan¬ 
dard  adopted  by  the  government,  but 
when  it  learned  that  Decru  had  a  prod¬ 
uct  that  uses  AES  security,  the  company 
decided  to  go  with  the  most  bulletproof 
system  available. 

SwapDrive  also  considered  Vormetric, 
which  has  products  that  use  AES,  but 
Steinberg  says  he  was  concerned  about 
throughput. 

DataFort  is  a  single  box  that  took 
SwapDrive’s  data  center  manager  about 
a  half  hour  to  install.  SwapDrive  turned  it 
on  in  November  on  a  trial  basis  and 
launched  it  fully  in  January  The  box  cost 
SwapDrive  around  $35,000. 

“Our  guess  is  we’ve  easily  recovered 
the  cost  by  the  additional  business  our 
security  has  brought  us,”  Steinberg  says. 
Since  the  implementation,  SwapDrive 
has  pursued  government  contracts  and 
has  several  deals  in  the  making,  he  says. 

DataFort  has  changed  significantly  the 
way  SwapDrive  does  business.“We’ve 
turned  a  technical  thing  into  a  huge 
marketing  focus  for  the  company” 
Steinberg  says. 

SwapDrive  is  working  on  creating  two 
classes  of  service  so  that  customers  who 
might  have  less-stringent  security  require¬ 
ments  could  choose  a  lower  cost  service 
that  doesn’t  encrypt  data  at  rest  and 
other  customers  could  pay  a  bit  more  for 
the  total  encryption  service.“We  think 
that  having  Decru  in  there  is  a  value  add 
that  could  be  charged  for,”  he  says. 

In  the  meantime,  SwapDrive  likely  will 
continue  to  add  to  the  folder  it  keeps  of 
the  most  interesting  reasons  why  its  cus¬ 
tomers  are  glad  they  back  up  their  files. 
Steinberg’s  favorite  is  the  customer  who 
spilled  a  banana  soy  shake  on  his  laptop. 


Gohring  is  a  freelance  writer.  She  can  be 
reached  at  nangohring@yahoo.com. 


More  online! 

More  information  on  storage  security. 
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Protect  your  information  with  EMC  CLARiiON: 
Disk-based,  confidence-boosting  backup 


EMC  CLARiiON  CX  SERIES 


EMC  CLARiiON®  systems  and  software  deliver  the  reliability  and  flexibility  growth- 
oriented  companies  need  to  manage  ever-increasing  amounts  of  information.  To  learn 
more  about  reliable  backup  and  recovery,  get  “Stepping  Up  to  Disk-Based  Backup”  at 

www.EMC.com/growthcompanies  or  1-866-796-6369. 


EMC2 


VELOCITY' 

PARTNER 


Find  an  authorized  EMC  business  partner  at 
www.EMC.com/partnersalliances. 


Stepping  Up 
to  Disk-Based 
Backup 


EMC2 


EMC',  EMC.  and  CLARiiON  are  registered  trademarks  and  where  information  lives  is  a  trademark  of  EMC  Corporation.  ©2003  EMC  Corporation.  All  rights  reserved. 
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What's  in  a  name? 

IT  job  titles  are  becoming  less  specific  in  favor  of  more  generic  titles  tied  to  business. 


■  BY  JENNIFER  MEARS 

Whenever  a  new  technology  was  deployed 
at  Precision  Response,  a  new  title  was 
created  right  along  with  it.  That  led  to  150 
titles  within  the  company’s  220-person  IT 
department. 

“It  seemed  like  every  time  we  had  a  new  technology, or 
a  new  anything,  we  made  up  a  title,”  says  Bill  Hicks, 
senior  vice  president  of  technology  and  CIO  at  the 
Miami  customer  services  company.“We  said, This  is  mak¬ 
ing  no  sense.’  Just  because  I’m  changing  from  develop¬ 
ing  on  Oracle  to  developing  on  Windows,  my  title 
shouldn't  change.” 

So  about  18  months  ago  Precision  Response  started 
whittling  down  its  IT  titles.  Today,  the  company  has  only 
20.  Creating  less-specific  titles  lets  Hicks  move  staff 
around  as  needed,  a  definite  plus  in  today’s  volatile  econ¬ 
omy.  “With  the  constant  change  in  technology  —  plat¬ 
forms,  reorganization  —  we  felt  it  was  easier  to  create  a 
more  generic  title  that  describes  your  band  or  level  in  the 
organization,”  he  says. 

Hicks’ direct  reports,  for  example, used  to  have  vice  pres¬ 
ident  titles  that  were  tied  to  their  areas  of  discipline, such 
as  vice  president  of  technology  services  or  vice  president 
of  IS.  Now  they’re  all  simply  vice  presidents  of  IT. 

It’s  a  practice  that  many  businesses  seem  to  be  taking 
as  they  realize  the  need  to  make  more  efficient  use  of 
IT  talent. 

“Because  of  downsizing  and  so  forth,  lots  of  companies 
are  doing  things  with  fewer  people.  So  it  really  comes 
down  to  whether  the  title  represents  what  people  are 
working  on, ’’says  Lily  Mok, a  senior  consultant  at  Feople3, 
a  Gartner  company  that  combines  IT  and  human  re¬ 
sources  expertise  to  help  businesses  get  the  most  out  of 
their  IT  workforce. 

"In  most  cases,  companies  say,  ‘Our  people  are  multi¬ 
functional  right  now.’ So  where  they  might  have  been  spe¬ 
cialists  in  the  past,  right  now  they  have  to  be  generalists 
and  work  on  many  things  at  the  same  time,” Mok  says.The 
title  to  some  point  really  doesn’t  tell  you  much.” 

Not  that  titles  no  longer  hold  value.  David  Foote,  pres¬ 
ident  and  chief  research  officer  of  market  research  and 
advisory  firm  Foote  Partners,  says  the  number  of  certifi¬ 
cations  available  to  IT  professionals  is  growing  and  a 
certification  can  mean  higher  pay. That  leads  people  to 
specialize. 

"Whether  companies  are  choosing  to  recognize  these 
specialties  [with  titlesj  is  entirely  a  matter  of  corporate 
philosophy  and  corporate  culture,"  he  says,  noting  that  he 
still  gets  calls  from  companies  looking  for  compensation 


information  for  positions  such  as  Teradata  engineer  and 
Java  developer. 

But  Foote  also  points  out  that  in  today’s  tough  economy 
professionals  with  more  general  titles  might  have  a  leg  up. 

“If  you  were  a  spe¬ 
cialist  and  you  put 
yourself  in  the 
wrong  specialty, 
you  could  have 
aced  yourself 
right  out  of  a 
job,”  he  says.  “In 
really  good  times 
specialists  make  a 
lot  of  money,  but  the 
disadvantage  of  a 
specialty  is  it’s  less 
flexible.  If  you  look  at 
generalists,  they  keep 
their  options  open,  they 
have  more  mobility.  Some 
of  these  generalists  have 
been  able  to  adapt  much 
more  quickly  in  the  down 
economy” 

At  travel  and  hospitality  con¬ 
glomerate  Carlson  Companies, 
which  owns  brands  such  as  T.G. 

Fridays  and  Radisson  Hotels  and 
Resorts,  technical  skills  are  impor¬ 
tant,  but  titles  aren’t  tied  to  those  skills. 

“Our  titles  are  more  generic  than 
they  are  specific,”  says  Renee  Bianchi, 
senior  director  of  HR  at  Carlson  in 
Minneapolis.  “For  example,  we  might 
have  people  in  network  engineering  and 
people  in  platform  support,  and  they  both 
might  be  called  technical  analysts.  What  we 
try  to  define  is  the  level  of  skill  that  they 
need,  how  much  responsibility  they  have  and 
the  scope  of  the  job." 

That  keeps  people  from  getting  pigeonholed 
into  a  certain  technology  area  and  gives  them 
more  opportunity  for  advancement. “It  makes  it 
easier  for  them  to  move  across  operating  groups 
and  move  up  because  there  is  an  expectation  that 
this  title,  regardless  of  the  technologies  that  you  sup¬ 
port,  brings  with  it  a  certain  level  of  expertise  and 
knowledge,”  Bianchi  says. 

Sometimes  looking  for  a  generic,  overarching  title  is  dif¬ 
ficult.  Rob  Kolstad,  executive  director  of  the  Systems  Ad¬ 
ministrators  Guild  (SAGE),  was  surprised  when  systems 


administrators  with  specialized  titles  such  as  network 
administrator  said  they  couldn’t  respond  to  questions 
for  his  salary  survey  because  they  felt  they  were  in  a  dif¬ 
ferent  category. 

Kolstad  launched  a  discussion  on  the  SAGE  Web  site, 
which  ultimately  moved  to  Slashdot,  asking  for  a  single 
title  to  describe  the  group  of  profes¬ 
sionals  who  keep  computer  systems 
running,  such  as  systems  administra¬ 
tors  and  network  administrators. 

“Our  attempt  to  find  an  all-encom¬ 
passing  title  has  so  far  failed, "he 
says. 

The  growing  link  between  busi¬ 
ness  and  IT  also  is  driving  some 
title  changes. 

During  the  dot-com  boom, 
Mark  Kortekaas  was  hired  as 
CTO  for  CBS  Information  Systems 
to  handle  its  Internet  properties, 
which  were  run  as  a  separate  ent¬ 
ity  Today,  Kortekaas  is  referred  to  as 
vice  president  of  operations. 

“My  title  now  is  more  descriptive: 
I’m  in  charge  of  operations,  and  the 
Internet  piece 'is  now  a  part  of 
those  operations,”  he  says.“l  still 
do  the  same  thing  1  was  doing 
before,  I  just  have  other  respon¬ 
sibilities  outside  of  the 
Internet.” 

At  Carlson,  there  is  a  greater 
focus  on  architect  positions  be¬ 
cause  of  the  need  to  integrate 
systems  and  applications  across 
the  business. “We  have  a  much 
more  strategic  plan  in  place 
around  our  enterprise  arch¬ 
itecture,  how  that  works, 
what  are  the  standards 
and  how  things  need  to  fit 
together,”  Bianchi  says. 
Another  trend  that  is  push¬ 
ing  some  changes  in  IT  titles 
is  the  move  to  outsource  non- 
critical  functions,  analysts  say. 
“What’s  retained  in  the  IT 
organization  will  have  titles 
that  are  more  of  a  higher  strategic  level  —  something 
like  resource  manager  or  project  manager,  those  kinds 
of  IT  governance  and  management  functions,”  Pfeople3’s 
Mok  says.  ■ 


nge  as  fast  as  technology, 
what’s  hot  and  what’s  not: 


Hot 

•  Chief  security  officer 

Internet/Web  architect 

Network  architect/engineer 

Database  administrator 

•  Any  security/continuance- 
related  professional 

ERP-related  professional 

Emerging 

Chief  privacy  officer 

•  Enterprise  architect 

•  Resource  manager 
•  Vendor  relationship  manager 


SOURCE  PEOPLES.  A  GARTNER  COMPANY 


KVM  switching  with  local 
and  remote  control 

Advantage:  Avocent 


EASIER  TO  USE 

•  Access  and  control  servers  from  any  location  using  Avocent's 
KVM  OVER  IP™  switching 

•  AVWorks  software  is  included  with  AutoView  1000R/2000R 
switches.  Provides  a  single  interface  to  access  servers  and 
network  devices 

•  User-friendly  interface  lets  you  organize  the  attached  servers.  Use 
logical  naming  conventions  to  group  your  servers  by  type,  site, 
location  or  department.  No  need  to  remember  each  IP  address! 

•  Wizard-based  installation  drastically  reduces  the  time  required  for 
setting  up  similar  technologies 

MORE  ADVANCED  FEATURES 

•  Servers  are  attached  using  intelligent  CAT  5  server  interface 
modules  that  reduce  cable  issues  in  the  rack 

•  Assign  granular  security  permissions  for  each  individual  port 
number  with  Java-based  AVWorks  software 

•  Comprehensive  security  includes  authentication  and  data 
transfers  using  SSL  connections 

•  Supports  DES,  3DES  and  128bit  encryption 
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KVM 

Switches 

Users 

Servers 

Platforms 

Cabling 

KVM  OVER  IP™ 
Remote  Access 

Software 

AutoView  1000R 

1  local,  1  digital 

16 

PS/2,  Sun 
USB 

CAT  5 
AVRIQ 

Yes 

AVWorks  and 
OSCAR 

AutoView  2000R 

1  local,  2  digital 

16 

PS/2,  Sun 
USB 

CAT  5 
AVRIQ 

Yes 

AVWorks  and 
OSCAR 

Also  Available 

AutoView  2000 

2  local 

16 

PS/2,  Sun 
USB 

CAT  5 
AVRIQ 

No 

OSCAR 

Call  for  an  Avocent  Authorized  Reseller  near  you 

1*866*286*2368  ext.  3006 

Special  offer  on  these  new  switches:  Download  your  free 
copy  of  Avocent's  Definitive  KVM  Buyer's  Guide  at 
www.avocent.com/guide  or  call  1-866-286-2368  ext.  3006. 

Avocent.  the  Avocent  logo,  AutoView  AVWorks,  KVM  OVER  IP  and  The  Power  of  Being  There  are  trademarks  of  Avocent  Corporation.  Copyright  £  2003 

Avocent  Corporation. 


Avocent 

The  Power  of  Being  There, 


NetworkVUorH 

~  THE  HUB  OF  THE  NETWORK  BUY 


Ability  to  connect  to  a  server  or  KVM 
switch  via  a  standard  VGA  connector 

Enter  to  WIN  a  FREE  APC  LCD  Monitor  today.  A  $2239  value! 

VMhttpS/promojpcxom  Key  Code  k882y  •  Call  888-289-APCC  x6564  •  Fax  401-788-2797 

©2003  American  Power  Conversion  Corporation  All  Trademarks  are  the  property  of  their  owners.  E-mail  esupport@apcc.com  •  132  Fairgrounds  Road,  West  Kingston,  Rl  02892  USA 


has  been  tested  and  certified  for 
use  with  Infra  StroX  ure“ 
architecture.  Before  you  buy. 
check  for  the  X  to  guarantee 
product  compatibility. 


APC 

Legendary  Reliability* 

AX2A3EP-US 


satisfied  customers,  APC's 
Legendary  Reliability" 
guarantees  peace  of  mind. 


Introducing  APC's  Rack-mount  LCD  Monitor 

As  floor  space  in  your  IT  environment  becomes  more  expensive  and  difficult  to 
allocate,  you  need  to  utilize  your  rack  enclosure  space  as  efficiently  as  possible. 

A  traditional  CRT  monitor,  monitor  shelf,  keyboard,  and  keyboard  drawer  take  up  to 
13U  of  your  valuable  rack  space.  An  APC  rack-mount  LCD  monitor/keyboard  drawer 
offers  you  the  same  functionality  while  using  only  1 U  (1 .75")  -  leaving  you  with  up  to 
12U  of  valuable  space. 


FEATURES  INCLUDE 


A  full  size  keyboard  with  104  full 
travel  keys  and  integrated  number 
pad 


On-screen  display  (OSD) 
adjustments 


An  integrated  trackball  to  eliminate  the  need 
for  an  external  mouse 


1024x768  resolution  for 
exceptional  image  quality  for  most 
server  applications 


Active  matrix  TFT  displays  that  emit  less 
heat  and  use  less  than  half  the  power  of 
comparable  CRT  monitors 


For  a  free  multimedia  demo  CD  of  Global  Command  Center™, 
CyberGuard's  next  generation  central  management  solution, 
visit  www  cyberguard.com/solutions/product_gcc.cfm 
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BEST  FIREWALL 


SOsrARD 


•  WORLDWIDE 
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FIREWALL/VPN/SSL 

For  white  papers  on  Rock  Solid  Secunty  go  to 
www  cyberguard.com/rocksolid/nw  cfm 
Phone  954  958  3878 
e-mail:  mfo@cyberguard  com 


•o-  Common 
ft  11  Criteria 

*-\/,EAL4+ 

CERTIFIED 


THOMAS  MAT  ZEN 

Vice  President. 

Head  of  Network  Security 
Commerzbank  AG 

With  assets  of  more  than  $420  billion.  Commerzbank,  based  in 
Frankfurt,  Germany,  is  one  of  Europe’s  leading  banks. 

"Information  technology  is  a  key  factor  in  the 
financial  business  and  our  data  is  one  of  the 
most  valuable  assets  we  have. 

We  first  chose  CyberGuard  in  1997,  not  only 
because  they  are  the  first  vendor  in  the  world  to 
achieve  EAL4  certification  for  their  firewall 
appliances,  but  also  because  we  wanted  a  highly 
secure  product  which  offers  us  a  multilevel 
secure  operating  system,  proxy  abilities  and.  of 
course,  high  availability. 

Today,  CyberGuard  products  protect  all  external 
connections,  including  the  Internet  as  well  as 
connections  with  vendors  Such  as  Reuters  and 
other  third  party  networks.  This  infrastructure  is 
being  used  by  some  35,000  users  worldwide, 
serving  800  German  locations  and  over  20 
international  locations  across  four  continents." 

CyberGuard's  security  solutions  are  found  in  Global  2000 
companies  and  governments  worldwide.  CyberGuard's  award¬ 
winning.  premium  firewall/VPN  appliances  maintain  complete 
separation  of  network  traffic  from  system  components. 


Console  Management 


AlterPath  ACS 
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Integrated  Power 
yRF  and  Console 


Security 


Daisy  Chain 


Console  and  power  control  from  one  session, 
no  need  to  memorize  ports  and  addresses 

SSH  v2,  strong  authentication,  encryption  and 
IP  filtering  on  both  power  and  console  access 

Daisy  chain  power  distribution  units  to  control 
any  number  of  devices  from  a  single  serial  port 


Remote 

Control 


Monitoring 


Joisy 

Chaining 


"Best  Hardware  for 
Linux  since  1995" 


www.cyclades.com/ nw 

1 .888. cyclades 
sales@cyclades.com 


cyclades 


iere  wit 
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oot...  with  no  'U'  there. 


Control  power  remotely  with  APC's  space-saving  0  "U"  MasterSwitch™ 


Control  power  to  your  valuable  connected  network  devices  using  MasterSwitch's  remote  on/off/reboot 
capability.  Ideal  for  any  situation  where  rebooting  or  power  cycling  is  required  of  equipment  or  "locked-up" 
servers.  The  MasterSwitch  mounts  vertically,  requiring  zero  U  space,  leaving  you  with  more  room  for  your 
network  equipment.  Trust  your  remote  management  needs  to  the  leader  in  power  protection:  APC.  To 
learn  more  today  visit  us  online  at  www.apc.com 


OPTIMIZED  FOR  MANAGEMENT  AND  CONTROL 


•  Wireless  Application  Protocol 

•  Boot-P  support 

•  Accessible  terminal  block  for  hardwire 
capability 

•  Event  configuration 

•  E-mail  notification 

•  Vertical  mounting,  requiring  zero  'IT 
of  space 

•  Remotely  manage  outlets  by  turning 


outlets  on/off  or  rebooting  connected 
equipment 

•  Built-in  Ethernet  interface*  for  direct 
connection  to  the  LAN 

•  MD5  authentication  security 

•  Power-up  sequencing  lets  you  configure 
the  sequence  in  which  power  to  outlets  is 
turned  on  or  turned  off. 


x 

c  t  n  r  i  f  i  e  o 
InfraStruXure 
‘'APC 

Every  product 
carrying  this  mark 
has  been  tested  and 
certified  for  use  with 
InfraStruXure' 
architecture.  Before 
you  buy,  check  for  the 
X  to  guarantee 
product  compatibility. 


H 


*  Requires  separate  control 


Enter  to  WIN  a  FREE  APC  MasterSwitch™  today. 

Visit  http://promo.apc£oni  Key  Code  k883y  •  Call  888-289-APCC  x6565  •  Fax  401-788-2797 

©2003  American  Power  Conversion  Corporation.  All  Trademarks  are  the  property  of  their  owners.  E-mail:  esupport@apcc.com  •  132  Fairgrounds  Road,  West  Kingston,  Rl  02892  USA  j 


With  over  15  million 
satisfied  customers,  APC’s 
Legendary  Reliability' 
guarantees  peace  of  mind. 


Legendary  Reliability®  ms2A3epus 


There  Is  A  Better  Way  To  Troubleshoot  &  Manage  Your  Network 


Observer 


Expert 

Observer 

* 2895 


Observer 

Suite 

$3995 


Observer® — Quickly  identifies  network 
trouble  spots  and  costs  thousands  less  than 
expensive  hardware-based  analyzers. 
Observer  provides  metrics,  capture,  and 
trending  for  both  shared  and  switched 
environments. 

•  Full  packet  capture  and  decode  for  over 
500  protocols,  including  TCP/IP  (v4  &  v6), 
NetBIOS/NetBEUI,  XolP,  SNA,  SQL,  IPX/SPX, 
Appletalk  and  many,  many  more! 

•  Switched  mode  sees  all  ports  on  a  switch 
gathering  statistics  from  an  entire  switch  or 
capture/statistics  from  any  port(s) 

•  Long-term  network  trending  collects 
statistical  data  for  days,  weeks,  months, 
even  years 

•  Real-time  statistics  include  Top  Talkers, 
Bandwidth,  Protocol  Statistics,  and 
Efficiency  History 

•  Ethernet  (lO/IOO/Gigabit),  Token  Ring, 
FDDi,  and  Wireless  802. 1 1 — no  need  to 
purchase  separate  tools 


•  Windows ®  98/Me/NT/2000/XP  compatible 

•  Over  4,000  frame  types  recognized 

Expert  Observer — Identifies  problems  and 
provides  Expert  information  in  plain  English. 

Includes  all  of  the  features  of  Observer  plus 
real-time  and  post-capture  expert  event 
identification  and  analysis — new  SQL  and 
Frame  Relay  experts  add  to  the  many  other 
protocols  covered,  time  synchronization 
technology,  and  modeling  of  network  traffic. 

Observer  Suite — The  ultimate  tool  for 
the  most  demanding  power  user. 

Provides  a  full  complement  of  tools  that 
includes  all  of  the  features  of  Expert 
Observer  plus  SNMP  management,  RMON 
console/Probe  and  Web  reporting.  Includes 
one  remote  Probe. 

If  you  have  any  network  problems,  find 
out  the  cause  with  Observer,  Expert 
Observer,  or  Observer  Suite. 


Call  800-526-7919  or  visit  us  online  for  a  full-featured  evaluation: 

www.NETWORKINSTRUMENTS.com 

US  (952)  932-9899  •  Fax  (952)  932-9545  •  UK  &  Europe  +44  (0)  1959  569880  •  Fax  +44  (0)  1959  569881 

©2002  Network  Instruments,  LLC.  Observer,  "Network  Instruments”  and  the  “N  with  a  dot”  logo  are  registered  trademarks  of  Network  Instruments,  LLC. 
All  other  trademarks  are  property  of  their  respective  owners. 


Reading  someone  else's 
copy  of  Network  World? 

Apply  for  your  own 
Free  subscription  today. 


NetworkWorld 

KT*— -  Costs,  security 
VERSES  vex  VoIP  users 


Free  subscription 

(51  Issues) 

To  apply  online  go  to 

subscribenw.com/b03 


■■ 


subscribenw.com/  b03 

Apply  for  your 

free 

subscription  today! 

(A  $255  value  -  yours  free) 


UltraLink  sets  a  new  standard  in  remote  management  of  server 
room  environments.  It  saves  you  money  by  allowing  you  to  centralize 
your  IT  resources.  Since  it  does  not  depend  upon  software  loaded 
on  your  computers,  it  deploys  easily  and  works  on  any  operating 
system,  such  as  Windows,  Linux,  Solaris,  Unix,  or  OSX. 


The  UltraLink  digitizes  the  remote  computer's  video.  It  then  scales, 
compresses,  encrypts,  and  packetizes  it  into  the  TCP/IP  protocol.  At 
your  PC  the  free  Viewer  application  receives  and  displays  the  video 
and  sends  back  keyboard  and  mouse  data.  This  process  allow  you 
to  access  remote  computers  from  anywhere. 


MANAGE  YOUR  SERVERS  OVER  IP 

FROM  ANYWHERE 


■  Connects  to  standalone  computers  or  any  KVM  switch 


err.  ^  ' 
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Rose  is  a  leading  manufacturer  of  switching,  extension,  and  access 
products.  As  a  KVM  industry  pioneer,  Rose  is  known  for  its 
technically  superior  and  price  competitive  products. 


■  High  quality  16-bit  video  at  up  to  1280x1024  resolution 

■  Easy  to  install,  give  it  an  IP  address  and  run  the  Viewer  program, 
no  user  license  required 


Join  the  ranks  of  many  successful  companies  using  UltraLink,  call 
Rose  to  learn  more  about  KVM  Access  over  IP  as  well  as  KVM 
Switches,  Extenders,  and  Data  Switches. 


■  Encrypted  communication  for  highly  secure  operation 

■  Scaling  and  scrolling  features  for  maximum  flexibility 

■  Single  mouse  cursor  simplifies  user  interface 

■  See  four  servers  from  one  screen  with  quad  screen  mode 

■  Lifetime  free  flash  upgrades 


KVM  SWITCHES 


LOW  COST  SINGLE  USER 
Vista™ 

Low  cost  single  user 
KVM  switch  supports 
up  to  64  computers 


PROFESSIONAL  SINGLE  USER 
UltraView  Pro™ 

Professional  single  user 
KVM  switch  supports  up 
to  256  computers 


MULTI-USER  FIXED  CHASSIS 


KVM  EXTENDERS 


KVM  EXTENDER-COAX 
ViewLink™ 

Extends  KVMs  up  to  250  feet  away 
using  coax  cable 


KVM  EXTENDER-FIBER 
CrystalView  Fiber™ 

Extends  KVM  workstation 
up  to  30,000  feet  away 
Eliminates  EMI/RFI 
Supports  PC,  Sun,  and  USB 


KVM  ACCESSORIES 


KVM  RACK  DRAWER 
RackView™ 

1U  or  2U  rack  mountable  KVM  drawer 
17”  or  15”  LCD  video  monitors 
Optional  up  to  4x16  KVM  switch  option 
Kits  available  for  single  or  multiple  users 


KVM  SHARING 

Multistation™ 

Up  to  four  KVMs  to  one 
computer  allows  fully  automatic 
KVM  sharing 


KVM  EXTENDER-CAT  5 


'.HA/rviw  •’’"I 

CLASSROOM  KVM  SWITCH 


UltraMatrix™  E-series 

Professional  multi-user  KVM  switch 
2-4  KVM  stations  to  1 ,000  computers 


^  Sortal  - 
t.  Support 

/WV 


CrystalView™ 

Extends  your  KVM  station 
up  to  1 ,000  feet  away  from  your 
computer  using  a  CAT-5  cable 
Now  available  with  Audio 
Supports  PC,  Sun,  and  Serial 


ClassView™ 

Instructor  has  total  control 
over  classroom  of  up  to  255  students 
Instructor  can  access  the  students'  computers 
Keyboard  controlled,  easy  to  use 
Bus  connection  simplifies  installation 


MULTI-USER  EXPANDABLE 
UltraMatrix™  X-series 


KVM  EXTENDER-CAT  5 
CrystalView  Mini  ™ 


VIDEO  DISTRIBUTION 
VideoSplitter™ 


Enterprise  class  multi-user  KVM  switch  Extends  KVM  workstation 

4  -  250  KVM  stations  to  1 ,000  computers  up  to  1 50  feet  away 

Single  and  dual  versions 


Splits  video  from  one  or  two 
computers  to  multiple  monitors 


USA  toll  free 
ROSE  US 
ROSE  Europe 
ROSE  Asia 


800  333  9343 
281  933  7673 
+44(0)  1264  850574 
+617  3427  5353 


ELECTRONICS 


Rose  Electronics  •  10707  Stancliff  Road  •  Houston,  TX  77099 


in  Remote  Reboot  AC  or  DC  Power  Management 

Don  t  let  server  lock-up  knock  you  off  the  mountain.  Spectrum  Control’s 
SMARTstart  power  distribution  units  with  remote  power  management 

capability  allow  you  to  monitor,  sequence  and  reboot  your  servers  and  i  ♦  #4 

network  equipment  from  any  remote  location. These  AC  or  DC  rack 

mounted,  off-the-shelf  solutions  feature  several  methods  of  communication,  W 

including  advanced  Web  Browser  access  and  greater  power  management 
than  you  ever  imagined. 

•  Reboot  via  telnet  and  other  convenient  interfaces 

•  Lower  costs  through  reduced  network  downtime  and  field  service  visits 

•  SMARTstart  PDU's  offer  customization  and  are  upgradable 

•  Menu-driven  user  friendly  interface  and  secure  password  protection 

•  Global  access  to  monitor,  reboot  and  sequence  outlets 

•  Email  alerts  &  SNMP  Traps  for  immediate  system  status  notification 

ALL  AT  AN  UNBELIEVABLE 


To  learn  more  call  814-474-2207 
or  for  online  data  sheets,  go  to  , > 
wvw.specpowcr.com/iCinotc22 


We’re  looking  for  Resellers  (VAR’S) 
and  Distributors  to  join 
our  SMARTcircle 


Your  network  costs  a  fortune... 


NEW 

LOWER 


w» 

Keyboard  drawer: 
and  casters  sold 
separately. 


•••protecting  it  doesn't 

Global  LAN  Furniture 


have  to. 


72"  Workstation 

$799 

Stk.  #  C95033 


GLOBAL 


COMPUTER  «  Systemax 


company 


SAVE  A  TON  OF  MONEY 
ON  YOUR  NEXT 
MEDIA  PURCHASE! 

Check  out  our  prices  today! 

CALL  1 -8OO-8-GLOBAL 

or  visit  us  online  for  the  LAN  solution  that  is  right  for  you. 

www.globalcomputer.com/go/mag/lan 
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{>rotects  your  equipment 
or  a  lot  less  money. 

Our  heavy-duty  LAN  Furniture  is  built  to  last  with 
steel-reinforced,  triple-leg  support  and  lateral 
braces.  Built-in  cable  management  system  hides 
unsightly  wires  and  organizes  and  separates 
cables.  Deep  30"  work  surface,  adjustable  shelves 
and  sturdy  server  shelf  allow  for  easy  integration  of 
all  your  network  equipment,  providing  a  complete 
storage  solution.  Our  96",  72",  48"  and  24"  wide 
units  combine  with  additional  shelves,  keyboard 
drawers  and  casters  for  unmatched  flexibility  to 
meet  your  changing  needs. 


24"  Server  Station 

$299 

Stk.  #  C23955 


Ejsjjy  d'c'cd ch  cd  j P  nscworks 

with  dual  Gigabit  Ethernet  ports 
RIDMP  or  iSCSI  and  dual  SCSI  ports 

enables  OEMs  to  serve 
multiple  markets  with  the  same  product 


for  direct  integration  into 


custom  OEM  configurations  (iPBHdge  25000 

units  available 


•  Rackmount  and 


(iPBrtdge  2500R/D) 


to  support 


next-generation  tape  drives 

to  significantly  enhance 

field  support 


Advanced  diagnostic 


r" 
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Power  Behind  the 
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RAID  storage  arrays  •  Fibre  Channel  Bridges  •  iPBridges  •  SCSI  a 
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10/  ioo  BaseT  Ethernet 

IP  for  HTML.  SNMP  & 
Telnet  Management 


RS-a32 
Serial  Management 


Unk  Port 
(daisy  chains  to) 

Expansion  Module 


Power  Tower  XL 

•  Outlet  Grouping  across 
power  circuits 

•  Input  Current  Monitor 

•  New  HTML  GUI 

•  Power-up  Sequencing 

•  Zero  U  vertical  and  Rack- 
mount  horizontal  models 

•  Add  a  second  Power  Tower 
to  manage  32  power-ports 


•  A  •  W 


-  f  Sentry  Power  Tower. 

Equipment  Cabinet  Solutions. 


... 
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Server  Technology,  Inc. 


/v.  1040  Sandhill  Drive  Reno,  Nevada  89511  USA 
web:  www.servertech.com  toll  free:  1.800.835.1515 


Intrusion  Prevention 
for  Microsoft  Web  Servers 


SecureilS™  Web  Server  Protection 


•  Requires  No  Signature  Database  Updates 

•  Simple,  Powerful  GUI 

•  Central  Policy  Management 


•  Shields  Against  All  Classes  of  Attack 

•  Protects  Without  Disabling  IIS  Functionality 

•  RFC  Compliancy  Checking 


mmm 
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HTTP  RFC  Violation  :  RFC  Violation 


Event  ID:  SIIS-PLT-64 
Waltsita:  Web  ID  1 
Refeience  ID:  20030327849207 
Agent:  SecureilS  2.0.3 

Remote  IP:  192 . 168.  l .  16 

Some*  Data:  HTTP/  1 . 0 

Reason:  failed  in  VerifyRTC (bad  data  trailing  HTTP/l.X  ■ 


3G7/2003  2.14:4B  PM  B 
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Download  a  FREE  Whitepaper  and  FREE  Trial  of  SecureilS: 
www.eEye.com/FreeSecurellS  or  call  866.282.8276 


SecureilS  delivers  proven  security  for  blocking  known  and 

<e> 

unknown  attacks  from  penetrating  Microsoft  IIS  servers. 

eEye*  Digital  Security 
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To  advertise  in  Network  World's  Marketplace 
call  Richard  Black  at  1.800.622.1  108 


Experience  Counts.  GTA  incorporates 

eight  years  of  firewall  experience  into 
5  new  firewall  appliances  for  the  SME 
market.  With  features  including  VPN 
hardware  acceleration,  high  availability, 
content  filtering  and  gigabit  support, 
GTA  offers  complete  firewall  solutions 
at  a  price  SME  businesses  can  afford.To 
learn  more  about  our  family  of  firewalls 
visit  our  website  or  contact  a  GTA 
channel  partner. 
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Yes,  you  can  Switch 
Power  over  the  Internet... 


Servers,  routers,  and  other  electronic 
equipment  sometimes  “lock-up,” 
often  requiring  a  service  call  to  a 
remote  site  just  to  flip  the  power 
switch  to  perform  a  simple  reboot... 

The  IPS-15  gives  you  the  ability  to 
perform  this  function  from  anywhere! 


Web  Browser  Access  for  Easy  Operation 
Telnet  and  Serial  Access 
Encrypted  Password  Security 
Expandable  to  Five  (5)  Individual  Outlets 
Each  Outlet  can  Switch  a  15  Amp  Load 
On  /  Off  /  Reboot  Switching 


LOCATION:  IPS-15  Live  Demo  Unit 

Plug  Name  Status 

On 
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Boot 
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Expandable! 
Using  IPS  Satellite  Units... 


www.wti.com 


(800)  854-7226 


western  telematic  incorporated 

5  Sterling  •  Irvine  •  California  926  1  8-2  5  1  7 


"Keeping  the  Net.. .Working!" 


Cisco 


Routers 

Switches 

Hubs 

Voice  Over  IP 

Memory 

Security 

Interface  Modules 
Port  Adapters 
Wireless 

'-v..,;." . 
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Cisco  Router 
and  Switch  Poster 


World  Data  Products  introduces  its  new  Cisco 
Router  and  Switch  poster.  It  provides  at-a-glance 
information  on  model  capacities,  interface  cards 
and  available  features. 

The  Cisco  Poster  is  a 

.... 


valuable  tool  for 
network  planning. 
Call  877.231.2451  or 
visit  www.wdpi.com 
to  request  your 
FREE  Cisco  Router 
and  Switch  poster. 
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Buy  •  Sell  •  Ia'cisc  •  Repair  •  New  •  Refurbished  •  Used 
www.wdpi.com  •  877.231.2451  •  cisco@wdpi.com 

121  Cheshire  Lane,  Minnetonka,  MN  55305  U.S.A. 


Avoid  Downtime 

Plan  ahead  and  protect  your  IT  operations 
from  heat  crippling  downtime 


Thousands  of  COOLITs  are 
currently  cooling  data/LAN 
rooms  around  the  clock. 


AirPac 


COOLIT  2000  Series 
Plug  and  cool  -115  V, 


Portable  -  Compact  -  Self-Contained 


Online  ordering 
next  day  shipping 


ADAPT 

800-243-COOL 


FREE  Cooling  Analysis  Guide  ONLINE! 


www.CoolestSpoft.com 
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western  telematic  incorporated 


(800)  854-7226  •  www.wti.com 


SSH  or  Out-iand  Access  t© 
Consoles  at  Remote  Locations 


■  Secure  Shell  (SSHv2)  Encryption 

■  Simultaneous  SSH  or  Telnet 

■  Non-Connect  Port  Buffering 

■  SYSLOG  Reporting 

■  SNMP  Capability 

■  Any-to-Any  Port  Switching 

■  IP  Security  Features 

■  10/100  Base-T  Ethernet  Port 

■  Port-specific  Password  Protection 

■  Data  Rate  Conversion 

■  1 1 5/230VAC  or  -48VDC  Models 

The  SCM-16  Secure  Console  Management  Switch  provides  in-band  and 
out-of-band  access  to  RS232  console  ports  and  maintenance  ports  on  UNIX 
servers,  routers  and  any  other  network  elements  which  have  a  serial  console 
or  craft  port.  System  administrators  can  access  serial  maintenance  ports 
over  the  network  via  SSH  connections  and  simple  menu-driven  commands, 
or  through  a  discrete  TCP  port  connection  mapped  directly  to  one  of  the  Visit  website  for  complete  NetRedCh™  product  line. 

SCM-16  serial  outputs. 


Eile  Options  Help 


NETWORK 

INSTRUMENTS 
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'“l;  Network  Instruments  RMON  Piobe 


•  tow  cost,  complete  RMON  monitoring  for  remote  sites  or 
segments. 

•  Software-only,  non-dedicated  data  collection. 

•  Pure,  full  RMON  1  and  2  support.  Complete  implementation  of 
both  RMON  1  and  2  for  Ethernet  (10/100)  and  Token  Ring  (4/16). 

Full  adherence  to  RFCs  1513,  1757,  2021  and  2074. 

•  Runs  as  a  service  on  Windows  NT/2000/XP. 

•  Works  with  ANY  RMON  management  console  or  collection  facility 
(Observer  ,  OpenView  Concord  ",  NefScout ',  etc.). 

•  Compatible  with  Network  Instruments'  optimized  ErrorTrack ™  NDIS 
drivers  display  true  errors-by -station. 

•  Multiple  concurrent  network  interface  monitoring  (up  to  10). 

Why  pay  thousands  more  for  the  same  data? 

Call  800-526-7919  for  information,  or  see  our  web  site  at: 

www.networkinstruments.com 

e  2001  Network  Instruments,  LLC  -  Corporate  Headquarters  (952)  932-9899  FAX  (952)  932-9545 
UK  and  Europe  +44  (0)  1959  569880  FAX  +44  (0)  1959  569881  info@networkinstruments.com  www  networkinstruments  com 
Network  Instruments  and  the  ‘N’  logo  are  registered  trademarks  of  Network  Instruments,  LLC  Minneapolis.  MN  USA 


BE  NOTIFIED  BEFORE  CRITICAL  EVENTS  TURN  INTO  DISASTER! 


•  Eight  environment  inputs 

•  Power  sensing 

•  Monitors  64  IP  addresses 

•  Send  alerts  to  64  people 

•  8  methods  of  contact 

•  Calendar  scheduling 

•  Expands  to  256  sensors 

•  Remote  power  control 

•  Optional  camera 


Microphone 

for  Sound 
Monitoring 


The  Sensaphone  IMS-4000  Infrastructure 
Monitoring  System  monitors  critical  environ¬ 
mental  and  network  elements  in  your  server 
room,  data  center,  or  telecomm  installation  and 
reports  to  you  instantly  when  events  threaten 
your  infrastructure.  The  IMS-4000  keeps  watch 
so  you  don't  have  to.  See  these  features  and 
more  on  the  web  at  www.ims-4000.com 


Internal 

UPS 


Internal  Voice, 
Power  Ethernet  Modem 
Control  Port  &  Pager  Port 
Interface 


8  R|-45  Sensor  Inputs 

(Temperature,  Humidity, 
Water,  Motion,  Power, 
Smoke/fire) 


Embedded 

Web 

Server 


Sends 

E-Mail 


Power 

Outage 


Sends 

SNMP 

Messages 


Monitors 

64 

IP  addresses 


SENSAPHONE® 

imB-maaa 


FIBER  OPTIC 
SOLUTIONS 

•  Tl/lil  &  T3/E3  Modems 

•  RS-232/422/485  Modems  and 
Multiplexers 

•  IBM  3270  Coax.  AS400  Twinax.  and 
RS6000  Modems  and  Multiplexers 

•  LAN  Arcnet'Ethemet/Token  Ring 

•  Video/Audio/1  lubs/Repeaters 

•  ISO-9001 

-  .  TC/*U 

■9.1.  »  biWl  a 

Toll  Free  866-SITcch-l 
630-761-3640,  Fa*  630-761-3644 
www.sitcch-bitdriver.coin 
www.sitechfiber.com 


One-Year  Warranty 


►  Largest  warehouse  of  used  Cisco 

►  Highest  quality  and  lowest  prices 

►  Over  5000  satisfied  customers 


Call  or  email  for  a  fast  quote. 


800.439.8558 


sales@digitalwarehouse.com 


Systems/Features/Memory 


Xylogics,  Livingston,  &  Ascend 

in  Stock  •  fast  Delivery  •  Aio  Expedite  Charges 

COMSTAR,  INC. 

The  11  Network  Remarketer 

952 *835 >5502 

Fax  95J-8J5-19J7  E-Mai,  saiesdcomstartnc  com 


Advertise  in  the 
Marketplace  and  watch 
your  sales  come 
pouring  in! 


Call  Direct  Response 
Advertising 
1-800-622-1108 
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CISCO  NORTEL 

NEW  •  REFURB  /  BUY  •  SELL 


Truckload 

I 

NQRTEL 

NETWORKS  ■  ^0 

M  ■  ‘,Hf ^  BayNetworks 
Fax  Equipment  List  To  801-377-0078 


888-8LANWAN  ESS 

Call  lor  Free  Quote'  (888-852-6926)  www  nle  tom 


f  SERVER  ROOM 

Temperature 

Sensors 


CHESCOB  w 

M  u  I  t  ip  I  e  M  ode  I  s  I  n  c  I  u  d  I  n  g : 


THL-100 

(Battery  powered) 

THL-100  AC/DC 

(Continuous  monitoring) 

THL-100  AC/DC  Plus 

(Email  alarms) 


►  Records  Temperature,  Humidity  &  Light 

►  Time  Stamped  Data  for  Detailed  Analysis 

►  Windows-based  SmartSensor  Software 
•  Data  or  graphical  view 

•Easily  exports  to  common  spreadsheet 
software 


Toll  Free  1-866-442-7767 
www.smartronix.com/products 


We  Buy  &  Sell 

USED 

CISCO 

Juniper 

Extreme 

800.451.3407 

Since  1985 

50-90/o  Savings 
Fully  Guaranteed 
Overnight  Delivery 

networkhardware.com 


NEW 


WftC^NEJ 


USED 


50%-90%  Discounts 


Cisco  Livingston  Ascend  Lucent 
3Com  US  Robotics  Kentrox 
Adtran  BayNetworks  Xyplex 
Racketeer  Computone  Patton 
Extreme  Networks 

Modems  /  DSU  /  Muxes 

IBM  UDS  Codex  Hayes  GDC 
Micom  Microcom  Paradyne 
ATT  MultiTech  Penril 
Racal  Telebit  Zoom 


BUY  AND  SELL 

800-699-9722 


www.wrca.net 

AS5x  VOIP  /  EXS  2000 


careers 


IA  Foundation  for  Medical  Care 
has  multiple  Programmer  III  job 
openings  for  which  we  need  to 
hire  expd  prgmrs.  Candidates 
must  have  bach  &  at  least  4  yrs 
exp  in  prgmg  or  equiv.  Req  skills 
inch  Java,  C.  C++,  SQL,  J2EE, 
Servlets,  JSP,  Java  Beans, 
JDBC,  XML,  XSLT,  multi-thread¬ 
ed  Java  application  dvlpmt, 
Oracle.  Exp  prgmg,  implmtg  & 
testing  web-based  applies  on 
Unix  &  Win  NT/Win2K.  Some 
job  openings  also  req  Java  2 
Platform  Sun  Certification,  exp 
implmtg  content  mgmt  systms  to 
websites.  &/or  demonstrated 
proficiency  with  Eclipse, 
NetBeans  Java,  IBM  VisualAge, 
IBM  WebSphere.  Junit,  Swing. 
Apache.  Jboss,  Tomcat, 
Rational  Rose.  Send  resume  to 
Anne  Dennis,  4725  121st  St. 
Des  Moines,  IA  50323-2316. 


IT  co  in  Philadelphia,  PA  with 
multiple  openings  seeks  Sftwre 
Enggs/Prog  Anylsts  w/foll  skill 
sets: 

1.  C,  C++,  VB,  Dev  2000, 
Oracle,  SQL,  Javascript  & 
Crystal  Rprts.  (Job  Code  NEA). 

2.  Oracle.  SQL,  PL/SQL,  Dev 
2000,  VB,  VBScript,  JavaScript, 
CGI  &  Rational  Rose.  (Job 
Code  OJR). 

3.  Oracle,  Dev  2000,  Desgnr 
2000,  Java,  SQL*  Loader,  VB, 
Unix  ShellScripts  &  HTML  (Job 
Code  UVS). 

Req  Bach/Masters  or  equiv  in 
Comp  Sci,  Engg,  Tech,  Sci  or 
equiv  &  min  1-3  yrs  exp.  Send 
resume  to  Edge  Technologies, 
Inc.,  1822  Spring  Garden  Street, 
Philadelphia,  PA  19130,  fax: 
973  331  9390. 
e-mail:  nat@edgtek.com. 


Seeking  qualified  applicants  for  the 
following  positions  in  Memphis/ 
Collierville,  TN:  Senior  Programmer 
Analyst.  Formulate/define  function¬ 
al  requirements  and  documentation 
based  on  accepted  user  criteria. 
Requirements:  Bachelor’s  degree* 
in  computer  science,  MIS,  engineer¬ 
ing  or  related  field  plus  5  years  of 
experience  in  systems/applications 
development.  Experience  with  eith¬ 
er  Java,  JSP,  EJB  or  J2EE;  and  writ¬ 
ing  applications  that  interface  with 
relational  databases  (either  Oracle. 
Sybase,  SQL  Server  or  Teradata) 
also  required.  'Master's  degree  in 
appropnate  field  will  offset  2  years 
of  general  experience.  Submit 
resumes  to  Sibi  George,  FedEx 
Corporate  Services,  1900  Summit 
Tower  Blvd.,  Suite  1400,  Orlando, 
FL  32810.  EOE  M/F/D/V. 


Computers  -  Senior  Software 
Professionals  needed. 
Seeking  qual.  candidates 
possessing  Bachelor's  in  CS, 
IS  or  equiv.  and/or  rel.  work 
exp.  Part  of  the  req.  rel.  exp. 
must  include  2  yrs.  working 
with  SQL  Server,  Visual 
Studio  &  Rational  Rose.  Two 
years  exp.  in  public  health 
service  preferred.  Must  be 
willing  to  travel  &  relocate  as 
req'd.  Fwd.  resume  &  ref.  to 
Cal2Cal  Corp.,  Attn:  HR, 
2182  DuPont  Dr.,  #213, 
Irvine,  CA  92612. 


Programmer  Analysts 
(multiple  positions) 
sought  by  Edison,  NJ- 
based  s/ware  consultancy 
firm.  Must  have  Bach  or 
equiv  in  Comp  Sci  &  3  yr 
s/ware  exp.  Respond  to: 
AK  Systems,  Inc,  100 
Metroplex  Drive,  Suite 
303,  Edison,  NJ  08817  or 
http://www.aksystems- 
inc.com/joinnow.htm. 


Senior  Software  Engineer-Platform 
Services:  Lead  and  participate  in 
the  specification,  design,  develop¬ 
ment  and  support  of  company 
product  including  the  overall  archi¬ 
tecture.  component  interfaces  and 
communication  schemes,  client 
and  server-side  programs  written 
in  Java  and  C++.  Java  and  C++ 
based  product  APIs,  and  Oracle. 
SQL  Server  and  LDAP  database 
schemas.  Assist  with  development 
of  project  plans  and  schedules. 
Follow  rigorous  software  engineer¬ 
ing  standards  including  developing 
product  requirements,  functional 
and  design  specifications  and 
adhering  to  coding  standards. 
Create  new  tools  and  procedures 
to  enhance  the  development 
process.  Lead  efforts  to  identify 
and  resolve  any  product  perfor¬ 
mance  issues.  Mentor  junior  engi¬ 
neers.  Requirements  include  a 
Bachelor's  degree  or  equivalent  in 
Computer  Science,  an  Engineer¬ 
ing  discipline  or  closely  related 
field  and  four  years  of  work  experi¬ 
ence  in  the  job  offered  or  related 
field  of  development  of  large-scale, 
high-performance  systems  and 
network  management  systems 
and  protocols  using  Java  and  C++. 
Applicants  must  have  unrestricted 
authorization  to  work  in  the  United 
States.  Salary  $92. 833/year.  40 
hours/wk.  Respond  with  two 
copies  of  resume  to  Case 
#200201884.  Labor  Exchange 
Office.  19  Staniford  St.,  1st  FL, 
Boston,  MA  02114. 


Programmer/Analyst  -  Handheld 
Devices  (Atlanta,  GA)  Interpret 
reqmts  of  Handheld  Project 
Team  &  translate  into  dsgn  doc¬ 
umentation  and/or  coded  solu¬ 
tions.  Conduct  testing  of  hand¬ 
held  systems.  Maintain  & 
enhance  components  of  hand¬ 
held,  desktop,  &  AS400  systms. 
Provide  tech  assistance  to  team 
members  &  end  users.  Other 
duties  as  reqd.  BS  in  Comp  Sci 
or  Engg  (or  foreign  equiv.)  &  at 
least  3  yrs  of  handheld  systms 
prgmg  &  dvlpmt  exp.  Applicant 
must  have  extensive  exp  (at 
least  1.5  yrs)  working  w/.NET 
Compact  Framework,  Windows 
CE,  C++,  &  VB.  $60K.  Submit 
resumes  to:  K.  Bunkley,  Rollins. 
Inc.,  2170  Piedmont  Rd,  NE, 
Atlanta,  GA  30324. 


Computer  Progr.  for  full  life- 
cycle  applic.  dev.  &  maint.  for 
CDCs  STD  Curriculum  websites 
in  Training/  Health  comm. 
Develop  user  mgmt.  system  for 
website.  Develop  curriculum 
portal  using  ASP  3.0,  MS  SQL 
Server  2000.  HTML  4.0, 
DHTML,  Style  Sheets  (CSS), 
VBScript  5.0,  and  JavaScript 
1.2.  Develop  US  §  508  com¬ 
plaint  web  pages  and  support 
downloading  of  document  in  MS 
Word.  MS  PowerPoint,  Acrobat 
pdf  using  Bobby  Worldwide  5.0. 
Requires  Bachelor's  degree  in 
Comp.  Science  or  Equivalent  + 
2  yrs.  exp.  in  job  duties.  In  lieu 
of  Bachelor's  degree  will  accept 
candidates  with  5  years  of  IT 
exp.  Comp,  salary.  Apply:  BCA, 
2180  Satellite  Blvd.,  #325, 
Duluth.  GA  30097  with  proof  of 
permanent  work  authorization  in 
the  United  States. 


Programmer,  Gainesville, 
FL  -  Design,  engineer 
and  test  computer  pro¬ 
grams  and  systems  for 
information  technology 
company.  BS  in  Com¬ 
puter  Science,  Salary 
commensurate  with  exp. 
40  hrs/wk,  8  AM  -  5  PM, 
M  -  F.  Mail  resume  to: 
Info  Tech,  Inc.,  5700  SW 
34th  Street,  Suite  1235, 
Gainesville,  FL  32608. 


Software 

Data  Conversion  Specialist 

Data  Conversion  Specialist,  40- 
hr  wk,  9AM-5PM.  Associates  or 
foreign  degree  equiv  in  comput¬ 
er  science  +  2  years  in  job 
offered  or  2  yrs  as  Systems 
Analyst.  Provide  technical  skills 
to  ensure  a  successful,  quick 
and  accurate  conversion  of  data 
from  all  systems;  provide  input 
to  the  detailed  implementation 
project  plan:  provide  a  channel 
of  communication  with  imple¬ 
mentation  and  support  to  repre¬ 
sentatives;  keep  specifications 
current  throughout  the  projects; 
work  with  client  representatives 
to  determine  specifications  for 
data  mappings  including  analyz¬ 
ing  source  data,  writing  SQL 
queries;  develop,  test  and  imple¬ 
ment  automated  data  conver¬ 
sion  routine  including  programs 
for  extraction,  transformation 
and  loading  of  data  to  the  new 
database  using  Visual  Basic  and 
SQL  or  FoxPro.  Submit  resume 
to:  jobs@campusmgmt.com  or 
Joe  Bozza,  HR  Director, 
Campus  Management  Corp, 
777  Yamato  Rd,  #400,  Boca 
Raton,  FL  33431 . 


Programmer  Analyst,  40-hr  wk, 
8  -  4PM,  Bachelor's  or  foreign 
degree  equiv.  in  Computer 
Science  or  Computer  Engg.  or 
Electrical  Engg.+  2  yrs  exp.  in 
job  offered  or  2  years  as 
Systems  Analyst.  Analyze, 
review  and  rewrite  programs; 
prepare  records  and  reports; 
consult  with  staff  and  users  to 
identify  operating  procedure 
problems;  formulate  and  review 
plans  regarding  steps  required 
to  develop  programs;  devise 
flow  charts  and  diagrams;  mod¬ 
ify  programs.  Resume  to 
Dianna-Andrea  Corp..  4210  NW 
4  St.,  Miami,  FL  33126. 


DATABASE  ADMINISTRATOR: 
DBA  is  responsible  for  adminis¬ 
tration  and  control  of  depart¬ 
ments  data  resources,  including 
RDMS,  and  for  providing  com¬ 
plete  DBA  support  and  adminis¬ 
tration  for  Production,  Pre- 
Production  and  Development 
Servers.  Duties  include:  utilizing 
data  dictionary  SW  to  ensure 
data  integrity,  security,  and  to 
eliminate  data  redundancy;  pro¬ 
vide  technical  design  and  data 
modeling;  coding  procedures 
and  triggers;  licensing  issues; 
maintain  SW  tools  and  applica¬ 
tions;  conduct  tuning;  maintain 
an  enterprise  wide  data  reposi¬ 
tory;  secure  and  maintain  all  cur¬ 
rent  and  future  applications  to 
ensure  recoverability;  provide 
end  users  with  training  and 
answers  for  technical  issues; 
create  documentation  for  data¬ 
base  applications,  and  migrate 
databases  to  different  storage 
and  operating  platforms.  Daily 
work  with:  Sybase  11.5.1,  HP 
UX  11,  Solaris  2.7,  Oracle, 
WinNT,  SQL  and  UNIX  scripts. 
Must  be  available  24x7  for  beep¬ 
er  customer  support  calls.  Min. 
Reqts:  BS/BA  (foreign  equiva¬ 
lent  accepted)  in  CS,  MIS  or 
related  field  of  study  plus  2  yrs 
exp.  in  job  offered  or  2  yrs  exp. 
in  related  occupation  (i.e. 
System  Analyst  or  DBA 
Developer  or  related).  MUST 
possess  demonstrated  expertise 
with:  (1)  Database  support  and 
administration  for  Production, 
Pre-Production  and  Develop¬ 
ment  Servers;  (2)  Database 
development  in  Sybase  11.5.1, 
HP  UX  11,  Solaris  2.7,  Oracle, 
and  WinNT  environments;  and 
(3)  programming  in  SQL  and 
Unix  Scripts.  Basic  pay  is 
$58,000  per  year  FT  and  stan¬ 
dard  company  benefits.  EEO. 
Submit  2  resumes  and  respond 
to  Case  No.  2002-02286,  Labor 
Exchange  Office,  19  Staniford 
Street.  1st  Floor,  Boston.  MA 
02114. 


Manhattan  Associates,  Inc.,  a 
worldwide  leader  in  supply  chain 
execution  systems  is  looking  for 
IT  professionals  to  join  our  team 
at  our  Atlanta,  GA,  Burlington. 
MA,  and  Mishawaka.  IN  loca¬ 
tions.  Operations  Research 
Analyst.  Analyze  complex 
mgmt  info  req.  for  transporta¬ 
tion/logistics  optimization-based 
decision  support  sys;  incorpo¬ 
rate  math  &  computer  models  & 
other  analytical  approaches  to 
deliver  research  based  algorith¬ 
mic/  heuristic  solutions  for  re¬ 
engineering  into  production- 
ready  engines  &  incorp  into 
existing  software  apps.  Req: 
PhD  in  operational  research, 
transportation  or  logistics  &  doc¬ 
umented  research  in  transporta¬ 
tion  or  logistics  optimization. 
Implementation  Consultants. 
Consultants  &  specialists  will 
coordinate  client  projects  & 
interact  with  client  org,  evaluate 
client  bus.  ops  &  sys  environ¬ 
ments  to  implement  client  pro¬ 
prietary  software  sys,  advise  & 
design  sys  test  plans,  develop 
test  &  product  environ  at  client 
sites,  &  develop  proposals  & 
supports  for  sales  presentations. 
Req:  BS  in  comp.  sci.  engg,  or 
related  tech,  field  (some  req. 
MS).  Substantial  travel  req. 
Quality  Assurance  Analysts. 
Assist  in  design  &  develop  of 
software  test  procedures,  plans 
&  automated  scripts  using  J++ 
and  IBM  Rational  Robot  to  auto¬ 
mate  software  testing.  Prepare 
test  recommends  &  doc.  proce¬ 
dures  for  product  design  thru 
production.  Evaluate  test  equip, 
used  to  perform  quality  checks. 
Document  defects  &  assist  with 
repairs.  Maintain  defect  tracking 
system.  Req.  BS  in  comp,  sci, 
engg,  or  related  tech,  field. 
Resumes  to:  J.  Lurey, 
Manhattan  Associates,  2300 
Windy  Ridge  Pkwy,  7th  FI.  N, 
Atlanta,  GA  30339 


NETWORK  PLANNING  ANA¬ 
LYST  LEAD:  Duties  include 
Responsible  for  network  needs 
assessment  and  for  architecture 
design  and  delivery  of  strategic 
high  performance  network  solu¬ 
tions,  including  directory  ser¬ 
vices  integration,  NOS  architec¬ 
ture,  high-speed  switch  net¬ 
works,  PKI/SSL,  and  least  privi¬ 
lege  best  practice.  Provide 
senior  level  technical  leadership 
in  solutions  design  and  imple¬ 
mentation  across  the  organiza¬ 
tion,  working  with  both  imple¬ 
mentation  and  production  sup¬ 
port  teams.  Will  assess  the 
impact  on  issues  such  as  scala¬ 
bility,  maintainability,  reliability, 
extensibility  and  usability  for 
planning  and  designing  high- 
level  network  system  architec¬ 
ture.  Implement  authorization, 
authentication  and  access  con¬ 
trol  procedures.  Daily  work  with: 
Siteminder,  NOS  design,  Novell 
Netware,  Windows  NT  and  2000 
security  procedures.  Min  Reqs.: 
BS/BA  (foreign  equivalent 
accepted)  in  CS,  MIS,  or  related 
field  of  study  plus  2  yrs  exp.  in 
job  offered  or  2  yrs  exp.  in  a 
related  occupation  (i.e.  System 
or  Network  Support/Analysis) 
OR  IN  ALTERNATIVE  4  yrs 
exp.  in  job  offered  or  related 
occupation  in  lieu  of  BA/BS  plus 
2  years  exp.  MUST  possess 
demonstrated  expertise  in  the 
following:  (1)  Network  modeling, 
architecture,  and  NOS  design; 

(2)  Security  procedures  for 
Novell  Netware,  Windows  NT 
Server,  and  Windows  2C00;  arid 

(3)  IP.  Wan,  Internet  or  Internet¬ 
working.  8asic  pay  is  $58,000 
per  year  FT  and  standard  com¬ 
pany  benefits.  EEO  Submit  2 
resumes  and  respond  to  Case] 
No  2002-02299,  Labor 
Exchange  Office,  19  Staniford  j 
Street,  1st  Floor,  Boston  MAj 
02114. 
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LAN  ADMINISTRATOR:  Duties 
include:  Applying  advanced 
knowledge  of  computer  sys¬ 
tems.  hardware  and  software, 
network  protocols  and  end  user 
requirements  to  maintain  and 
manage  large  LAN  system. 
Monitor  and  respond  to  complex 
technical  control  software  prob¬ 
lems  utilizing  a  variety  of  soft¬ 
ware  testing  tools  and  tech¬ 
niques.  Analyze  and  recover 
LAN  systems  and  applications 
and  fix/troubleshoot  daily  issues 
related  to  accessing  information 
and/or  application.  Provide  sys¬ 
tem  solutions  to  internal  units  for 
accessing  their  information  and 
task  autoimmunization.  Admin¬ 
ister  and  configure  Servers  and 
their  network  resources  to  pro¬ 
vide  information  access  to  inter¬ 
nal  users.  Establish  personal 
and  shared  network  storage  for 
data  and  application  files,  and 
maintain  the  network  security 
and  network  printing.  Study  ven¬ 
dor  products  to  determine  those 
that  best  meet  system  needs. 
Train  team  members  in  network 
protocols.  Daily  work  with: 
Windows  NT  and  Novell  net¬ 
works;  Bindview,  LDAP,  NDS, 
PC/LAN, TCP/IP,  IPX  and 
Zenworks.  Min.  Reqt's:  BS/BA 
(foreign  equivalent  accepted)  in 
CS,  MIS  or  related  field  of  study 
plus  2  yrs  exp.  in  job  offered  or  2 
yrs  exp.  in  related  occupation 
(i.e.  Networking  or  Systems 
Analysis).  MUST  possess 
demonstrated  expertise  in  the 
following:  (1)  Network  Admin, 
and  implementation  in  Windows 
NT  and  Novell  multi-protocol 
environments  for  large  networks 
(100+users);  (2)  Project 

Management  experience  using 
Bindview  network  management 
software;  (3)  Documentation  of 
network  procedures  and  training 
materials;  and  (4)  Using:  LDAP, 
NDS.  PC/LAN,  TCP/IP,  IPX  and 
Zenworks.  Basic  pay  is  $44,000 
per  year  FT  and  standard  com¬ 
pany  benefits.  EEO.  Submit  2 
resumes  and  respond  to  Case 
No.  2002-02287,  Labor 
Exchange  Office,  19  Staniford 
Street,  1st  Floor,  Boston,  MA 
02114. 


IT  PROFESSIONAL 
www.maximaconsultina.com  has 
immediate  openings  for  Software 
Engineers  and  Analyst/Program¬ 
mers  for  assignments  in  Boston/ 
North  East  with  the  following  skills: 

INTERNET  COMPUTING 

JAVA  Design  &  Architecture 
JAVA/SWING/EJB's 
ACTUATE/eTOOLS 
ASP  NET 
QA  TESTERS 
PM/Business  Analysts 

CLIENT/SERVER 

UNIX/C++/PERL/SQL 
Oracle  Financials 
Oracle/Sybase  DBAs 
UNIX  Admin./NT  Admin 
VC++/VB/COM/DCOM 
Data  Warehouse  Specialists 

Maxima  Consulting,  inc. 

27  Water  Street 
Wakefield.  MA  01880-3038 
Caiegrs^maxjrriacQnstiitinfl.cQni 

(781)  246-9500 


G»S  DATA  ADMLMiST RATQRi 

Coordinate  physical  changes  to 
computer  data  bases;  and  codes, 
tests,  and  implements  physical 
data  base,  applying  knowledge  of 
data  base  management  system; 
Design  logical  and  physical  data 
bases  as  well  as  maintain,  man¬ 
age  and  update  land  base  layers 
induding  all  editing,  archiving  and 
SDE  maintenance  by  using  the 
following  computer  languages 
and  software  Java  Script.  Orade 
7  x/8  x.  IBM  unix  environment. 
Internet  Application  Develop¬ 
ment.  Visual  Basic,  C,  C++  and 
GiS  Job  is  in  Juno  Beach 
40hrs/wk.  8  30am-5:00pm/  M-F, 
must  have  2  yrs  Exp.  in  job 
ottered  or  ?  yrs  in  related  occupa¬ 
tion  v Software  Analyst),  Please 
send  esume  to  SUI  TECHNOLO¬ 
GY  INC  af  3201  W  Griffin  Rd 
Ste#20i.  Darua,  FI  33312 


Medical  System  Engineer:  Drive 
international  medical  customer 
needs  into  detailed  product  design 
and  implementation  plans  as  well 
as  provide  system-level  support 
during  the  development  phase. 
Work  with  international  customers, 
applications  engineers  and  soft¬ 
ware  engineers  during  the  devel¬ 
opment  stage  to  break  down  pro¬ 
gram  requirements  into  a  medical 
imaging  system  definition.  Define 
projed  requirements  with  the  engi¬ 
neering  organization  and  program 
management  in  order  to  create  an 
overall  engineering  plan,  and  vali¬ 
date  this  solution  with  customers. 
Work  with  hardware  and  software 
architects  to  analyze  the  use  of 
new  technologies  and  architec¬ 
tures  to  converge  onto  new  sys¬ 
tems  solutions  for  the  traditional 
and  new  market  opportunities  in 
medical  imaging  applications  such 
as  MRI,  CT,  Digital  X-ray  and 
Ultrasound.  Requirements  include 
a  Master's  degree  or  equivalent  in 
Computer  Science,  an  Engineer¬ 
ing  discipline  or  closely  related 
field  and  two  years  of  work  experi¬ 
ence  in  the  job  offered  or  related 
field  of  medical  imaging  system 
engineering.  Applicants  must  have 
unrestricted  authorization  to  work 
in  the  United  States.  Salary 
$75, 899/year.  40  hours/wk.  Res¬ 
pond  with  two  copies  of  resume  to 
Case  #200201917,  Labor  Ex¬ 
change  Office,  19  Staniford  St..  1st 
FI..  Boston.MA  02114. 


Web  Developer  for  Miami  to 
develop  software  for  per¬ 
sonal  financial  planning  and 
life  insurances  especially 
for  the  Dutch  market  using 
online  version,  desktop  with 
online  technology  using 
XML  and  XSL,  MSMQ  and 
BIZTALK.  Full  time  position 
M-F  pays  market  level 
salary.  Applicants  with  5  yrs 
related  exp  send  resumes 
only  to  Human  Resources, 
Sungard,  2000  S.  Dixie 
Hwy,  Miami,  FL  33133. 


Software  Engineers  with 
extensive  design,  develop¬ 
ment,  maintenance  and  sup¬ 
port  experience  for  complex 
software  systems  to  work  in 
our  Anchorage,  AK  office. 
Advanced  level  computer 
skills  a  must.  Send  resume  to 
SAIC,  1049  W.  5th  Ave., 
Anchorage,  AK  99501,  Attn: 
H.R.,  Req#SWE,  or  on-line 
to  ETSG.ALASKA@saic.com 
with  Req#SWE  in  subject  line. 
EOE. 


Navision  Developer:  Develop/pro¬ 
gram  customizations  in  Microsoft 
Navision  Financial  package;  design 
&  document  user  specified  solu¬ 
tions;  create  system  &  end  user  uti¬ 
lization  reports;  manage  data  con¬ 
version  (flat  files,  importation  pro¬ 
grams.  etc  );  provide  Navision 
AVISTA  customer  support;  teach 
development  classes;  program 
installation  &  setup  of  client/server 
software  on  Navision  server  &  SQL 
server  Req.  4  yrs  work  exp  in  job 
offered  or  4  yrs  exp  in  related  occu¬ 
pation  as  Developer  or  any  suitable 
combo  of  edu.,  training,  and/or 
work  exp.  Send  resume  to 
Compusystems  of  Georgia.  Inc., 
3100  Breck.nndge  Blvd..  Ste  725. 
Duluth.  GA  30096  Ref  BN 


Principal  Dbase  Administrator.  Util¬ 
ize  knowledge  of  a  variety  of  corp. 
computing  and  dbase  products  & 
services  to  dev.,  implement,  main¬ 
tain  and  test  numerous  dbase  sys¬ 
tems  utilized  by  co.  Lead  products 
&  subprojects  of  significant  tech, 
complexity.  Coordinate  app.  roll¬ 
outs,  s/w  upgrades,  &  data  migra¬ 
tion.  Also  measure  capacity  and 
conduct  workload  &  performance 
analysis  &  analyze  highly  complex 
tech  sys  problems.  Responsible  for 
providing  dbase  admin  support  for 
Corp  and  Commercial  markets 
apps.  Utilize  high-level  expertise  in 
MS  SQL  Server  &  Sybase  ASE  & 
Replication  Server,  high-level  com¬ 
petence  in  AIX  and  Windows  2000, 
dbase  des.,  SQL  access  path  an¬ 
alysis  and  tuning,  dbase  perf.  tun¬ 
ing.  and  backup/recovery.  Depict 
highly  complex  ideas,  issues  and 
designs  to  varied  audiences  &  com¬ 
municate  project  objectives,  scope 
&  direction  across  project  teams 
Identify  analyze  and  resolve  prob¬ 
lems  that  occur  within  midrange 
distributed  processing  architec¬ 
tures  and  provide  emergency  off- 
shift  support  &  occasional  weekend 
implementations.  Emergency  off 
hours  support  and  some  weekends 
in  addition  to  f-t  sched.  may  be  nec. 
at  times. 

Bach  in  CS,  Eng,  or  related  (or 
equiv)  +  5  yrs  exp  utilizing  AIX  tools 
&  utilities  and  shell  scripting  req’d. 
At  least  3  of  5  yrs  must  incl  exp  w / 
Sybase,  and  SQL  Server.  $85,000/ 
year  full  time. 

Applicants  should  direct  two  (2) 
resumes  to:  Job  Order  #  2003-194 
PO  Box  989  Concord,  NH  03302- 
0989. 


System  Administrator  reqd  for 
Imp/Exp  &  seller  of  foreign 
goods  in  NYC.  Admin 
win/servers  &  app.  s/ware  & 
monitor  servers  &  LAN  to  ana¬ 
lyze/resolve  support  related 
issues,  maintain  systems  report¬ 
ing  for  performance  optimization 
&  upgrades;  maintain,  dev.  & 
update  d/base  on  SQL  Server 
2000  envrmt;  maintain  &  per¬ 
form  web  server  backup  & 
recovery.  Bach  in  Comp  Sci  &  1 
yr  exp  in  field  or  1  yr  exp  as  IT 
Mgr  reqd.  40hr/wk,  9a-5p.  Send 
2  resumes  to  Hind  Fashion,  Inc, 
1220  Broadway,  #800,  NY,  NY 
10001. 


Saras  has  openings  for  IT  pro¬ 
fessionals.  BS/MS  is  must.  Skills 
in  SAP,  Baan,  Peoplesoft, 
Oracle  Apps,  Sybase,  AS/400, 
VB,  PB,  JAVA,  JavaScript. 
PERL,  Cat,  HTML,  XML,  C. 
C++,  OOPS,  Web  logic  &  Lotus 
Notes  preferred.  Also  want 
Marketing  Executive. 
resume@sarasamerica.com 

Infogen  is  seeking  IT  profession¬ 
als.  Req.  BS.  Skills  in  following 
area  are  plus:  Oracle9i, 
Weblogic  /  WebSphere,  C++, 
Visual  C++,  VB,  COM,  STL. 
MTS,  MSMQ,  ASP,  Java,  HTML, 
XML,  MTS.  MSMQ,  ADO,  UML. 
Travel  is  required.  Send  resume 
to  infojobs@infogeninc.com. 


PROGRAMMER-ANALYSTS 
needed  at  client  sites  to  analyze 
s/ware  suitability,  define  d/bases 
&  applic  patterns  &  write  reqmts 
for  system  architecture,  dvlp  & 
integrate  project  &  maintain  & 
support  project  using 
Persistence,  Visibroker,  Purify  & 
Quantify  (Rational),  Rational 
Rose.  C++,  Rogue  Wave 
Libraries.  Oracle,  VC++,  COM, 
OLEDB  for  IP  (Internet 
Publishing),  IIS,  iMAN  & 
iMAN/DAV  portals.  Apply  to 
Hireme,  Global  Consultants.  25 
Airport  Rd,  Morristown,  NJ 
07960. 


Senior  Systems  Analyst  (Chicago. 
IL)  -  Senior  OO  developer  with 
experience  in  OO  technologies  to 
play  a  key  role  in  the  design,  cod¬ 
ing,  implementation  and  supportof 
pharmacy  operations  applications 
and  initiatives.  Will  be  responsible 
for  the  design,  coding  and  imple¬ 
mentation  of  complex  modules  in 
JAVA,  JAVA  script  and  HTML  for  a 
system  requiring  quick  perfor¬ 
mance  and  throughput.  Will  utilize 
Websphere  to  tune  and  debug  3- 
tier  architecture  applications  to  opti¬ 
mize  performance.  Will  lead  team 
members  in  applying  new  technolo¬ 
gy.  Must  have  a  B.S.  or  equiv.  in 
Comp.  Sci..  Management  Info. 
Sys.,  Eng.or  related  field  and  5  yrs 
of  exp.  in  the  job  offered  or  5  yrs  of 
exp.  in  a  position  involving  full  life- 
cycle  business  software  develop¬ 
ment.  Exp.  gained  may  have  been 
obtained  concurrently  and  must 
include:  (i)  2  yrs  exp.  in  OO  JAVA 
analysis,  design  and  development; 

(ii)  2  yrs  exp.  each  in  VisualAge 
JAVA.  JAVA  Script,  SQL  and  UNIX; 

(iii)  proficiency  in  Websphere  and 
its  relation  to  3-tier  architecture 
systems;  (iv)  2  yrs  exp.  designing, 
coding,  testing  and  implementing 
complicated  modules  as  part  of  a 
high  volume  transaction  systems 
with  proficiency  in  tuning  systems 
to  achieve  maximum  performance; 
and  (v)  1  yr  exp.  leading  team 
members  in  applying  new  technolo¬ 
gy.  Must  have  proof  of  legal  author¬ 
ity  to  work  in  the  U.S.  Submit 
resume  to  C.  Hsien  (REF:SSA), 
Caremark  Inc.,  1000  Lakeside, 
Bannockburn,  IL  60015. 


Software  Engineer.  8a-5p.  40 
hrs/wk.  Dsgn,  dvlp,  implmt  & 
coord  integration  of  s/ware 
systms  applying  knowl  of  com¬ 
munications,  network  mgmt, 
parallel  processing,  comp  systm 
architecture,  comp  graphics  & 
systm  s/ware.  Masters  or  equiv 
in  Comp  Sci,  Info  Systms, 
Electrical,  Electronics  or  related 
field  of  Engg  reqd.  In  lieu  of 
Masters,  Bach  in  specified 
majors  &  5  yrs  of  progressive 
work  exp  as  comp  profl 
w/above  skills  accepted.  Res¬ 
ume  to:  Allied  Informatics,  Inc, 
6525  The  Corners  Parkway,  Ste 
110,  Norcross,  GA  30092. 


Seeking  qualified  applicants  for  the 
following  positions  in  Memphis/ 
Collierville,  TN:  Senior  Business 
Application  Analyst.  Act  as  liaison 
between  technical  developers  and 
users/customers.  Requirements: 
Bachelor's  degree*  in  computer 
science,  math,  statistics,  business 
administration  or  related  field  plus  5 
years  of  experience  in  analyzing 
business  systems  and  developing 
technical  automated  solutions.  Ex¬ 
perience  with  Java;  application  ser¬ 
ver  (either  WebLogic,  WebSphere 
or  JRUN);  and  UNIX  also  required. 
‘Master's  degree  in  appropriate 
field  will  offset  2  years  of  general 
experience.  Submit  resumes  to  Sibi 
George,  FedEx  Corporate 
Services,  1900  Summit  Tower 
Blvd.,  Suite  1400,  Orlando,  FL 
32810.  EOE  M/F/DA/. 


Software  Engineers  needed  by 
Alpharetta  based  IT  Co  -  Bachelors 
degree  with  1-2  years  of  experi¬ 
ence  in  job.  Exp  in  Skill  sets  incl: 
Java.  JSP,  Servlets,  JDBC.  XML. 
TIBCO.  UML.  Unix.  NT.  VB,  ASP, 
C#.  Net,  Business  Objects,  Crystal 
Reports,  Oracle.  SQL  Server,  Java¬ 
Script.  XML,  C.  C++.  AS/400.  CO¬ 
BOL.  DB2.  CICS,  JCL,  MVS. 
VS  AM,  Embeded/Firmware.  Cold¬ 
fusion.  Perl,  PHP,  Network  Admin¬ 
istration.  Rational  Clearcase  Ad¬ 
ministration,  Netscape  proxy  serv¬ 
er.  Microsoft  Exchange  Server 
Administration,  MQSeries.  WEB 
Methods,  Vitna.  SAP.  Peoplesoft, 
Lotus  Domino  Server  Administra¬ 
tion  FREQUENT  TRAVEL  RE¬ 
QUIRED  Send  resumes  to 
jobs0603@anisi.com. 
Ref  Ad#3308 


Software  Developer 

Duties:  Responsibilities  include  the 
design,  development,  and  support 
of  several  applications,  including 
interfaces  with  the  Marketing 
Systems  Intranet,  desktop  applica¬ 
tions,  and  the  enhancement  of 
existing  systems.  Additionally,  the 
incumbent  will  utilize  cutting  edge 
technologies  in  enterprise-level 
development  tools;  work  on  plat¬ 
forms  that  include  NT  Server  clus¬ 
tering  technology;  and  develop 
client/server  database  applications 
and  database  driven  web  sites  and 
applications. 

Requirements:  Bachelor's  Degree 
in  Computer  Science,  related  disci¬ 
pline,  or  technical  training  and  a 
minimum  of  three  years  related 
technical  experience  required.  Ex¬ 
perience  developing  complex 
Windows  NT  GUI  database  and 
Web  applications  using  Power¬ 
Builder,  Visual  Basic,  MS  Visual 
InterDev,  DHTML,  SQL  Server,  and 
UNIX  also  required.  Incumbent 
must  also  have  project  manage¬ 
ment  experience  and  a  detailed 
understanding  of  application  soft¬ 
ware  and  Systems  Design  Method¬ 
ology  w/ability  to  transfer  this  know¬ 
ledge  in  the  form  of  new  technical 
directives  and  initiatives. 

Please  forward  your  resume  and 
cover  letter  referencing  Job  Order 
#37277  for  a  Software  Developer 
to: 

Bureau  of  Labor  Standards 
45  State  House  Station 
Augusta,  Maine  04333-0045 


Database  Administrator 
wanted  by  medical 
group  in  Monterey  Park, 
CA.  to  design,  imple¬ 
ment  and  maintain  data¬ 
base  on  network.  3 
years  experience  req¬ 
uired.  Send  resume  to 
Andrew  S.O.  Sun,  M.D., 
Inc.  at  929  S.  Atlantic 
Blvd,  Monterey  Park, 
CA  91754. 


Gimme  the  Best  LLC  (Houston, 
TX)  is  seeking  a  Computer 
Programmer.  1  yr.  exp.  using 
MASM,  SQL  ReportWriter/Menu 
and  Objective-C.  Send  resume  to 
6601  Stillwell,  Houston,  TX  77087 
or  jobs@gimmethebest.com. 
Attn:  Jill 

F.S.  Construction  is  seeking  an 
Industrial  Engineering  Program¬ 
mer.  6  mon.  exp.  in  SAP  R/3 
Enterprise,  Primevera  Project 
Planner  V3.0,  and  MS  Project. 
Mail  resume  to  19  Briar  Hollow 
Ln.  #  270,  Houston,  TX  77027. 
Attn:  Mike  Poona,  or  email: 
mpoona@fsdesignbuild.com 


Programmer  Analyst  needed  to 
research/design/develop  computer 
software  systems,  applying  princi¬ 
ples  and  techniques  of  computer 
science,  engineering,  science,  and 
mathematical  analysis,  using  Cobol 
II.  MVS,  TSO/ISPF  software  Must 
have  Bachelor's  Degree  in  Engin- 
eenng.  Science  or  Computer  Sci¬ 
ence  and  two  years  of  prior  work 
experience  in  the  job  offered  or  as 
a  Programmer  Must  also  have  two 
years  of  experience  using  Cobol  II. 
MVS  and  TSO/ISPF  software 
$64,378  08  per  year  40  hrs/wk 
8am-5pm  Send  resumes  to 
MDCD/ESA,  PO.  BOX  11170. 
Detroit.  Ml  48202-1170.  Ref  No 
210054  Employer  Paid  Ad- 


Senior  Consultant  &  Quality 
Assurance  Specialist 

170  Systems,  Inc.  provides  ad¬ 
vanced.  Web-deployed  solutions 
that  enable  e-businesses  to  cap¬ 
ture  and  manage  all  of  their  infor¬ 
mation  online,  collaborate  and 
optimize  intra-company  and  B2B 
transactions.  Through  content 
management,  document  imaging 
and  workflow  products  and  ser¬ 
vices,  we  help  companies  and 
government  agencies  to  integrate 
their  information  across  their 
enterprise  applications  We  man¬ 
age  major  implementations  for 
Global  1000  companies  in  more 
than  40  countries. 

170  Systems  seeks  top-notch,  tal¬ 
ented  individuals  to  join  the  170 
Systems  team.  170  Systems  is  a 
dynamic,  fast-paced  organization 
with  a  commitment  to  excellence 
in  everything  that  we  do.  If  you  are 
looking  for  a  challenging  position 
as  a  Senior  Consultant,  a 
Quality  Assurance  Specialist,  or 
a  similar  position  in  a  growing 
leading-edge  software  company, 
then  please  visit  the  Careers  sec¬ 
tion  at  www.  1 70svstems.com  to 
apply.  170  Systems  is  an  equal 
opportunity  employer. 
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Network  World  Seminars 
and  Events  are  one  and  two- 
day.  intensive  seminars  in 
cities  nationwide  covering 
the  latest  networking  technologies.  All  of  our  seminars  are 
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Internet:  clasker,  jweissman@nww.com 
(508)  460-3333/FAX:  (508)  460-1237 _ 

New  York/New  Jersey 

Tom  Davis,  Associate  Publisher,  Eastern  Region 
Elisa  Della  Rocco,  Regional  Sales  Manager 
Agata  Joseph,  Sales  Associate 
Internet:  tdavis,  elisas,  ajoseph@nww.com 
(201)  587-0090/FAX:  (201)  712-9786 

Northeast 

Donna  Pomponi,  Regional  Sales  Manager 
Caitlin  Horgan,  Sales  Assistant 
Internet:  dpomponi,  chorgan@nww.com 
(508)  460-3333/FAX:  (508)  460-1237  

Mid-Atlantic 

Jacqui  DiBianca,  Regional  Sales  Manager 
Marta  Hagan,  Sales  Assistant 
Internet:  jdibian,  mhagan@nww.com 
(610)  971-1530/FAX:  (610)  975-0837 

Midwest/Central 

Eric  Danetz,  Regional  Sales  Manager 
Agata  Joseph,  Sales  Associate 
Internet:  edanetz,  ajoseph@nww.com 
(201)  587-0090/FAX:  (201)  712-9786 

Northern  California/Northwest 

Sandra  Kupiec,  Associate  Publisher,  Western  Region 

Karen  Wilde,  Regional  Sales  Manager 

Miles  Dennison,  Regional  Sales  Manager 

Maricar  Lagura,  Office  Manager/Sales  Assistant 

Teri  Lowe,  Sales  Assistant 

Internet:  skupiec,  kwilde,  mdennison,  mlagura, 

tlowe@nww.com 

(650)  577-2700/FAX:  (650)  341-6183 

Southwest/Rockies 

Becky  Bogart  Randell,  Senior  District  Manager 
Angela  Norton,  Sales  Assistant 
Internet:  brandell,  anorton@nww.com 
(949)  250-3006/FAX:  (949)  833-2857  

Southeast 

Don  Seay,  Regional  Sales  Manager 
Caitlin  Horgan,  Sales  Assistant 
Internet:  dseay,  chorgan@nww.com 
(404)  845-2886/FAX:  (404)  250-1646 

Customer  Access  Group 

Tom  Davis,  Assoc.  Publisher  Eastern  Region/General 

Manager,  Customer  Access  Group 

Shaun  Budka,  Director,  Customer  Access  Group 

Kate  Zinn,  Sales  Manager,  Eastern  Region 

Sean  Weglage,  Sales  Manager,  Western  Region 

Caitlin  Horgan,  Sales  Assistant 

Internet:  tdavis,  sbudka,  kzinn,  sweglege, 

chorgan@nww.com 

(508)  460-3333/FAX:  (508)  460-1237 

Fusion 

Alonna  Doucette,  Vice  President  Online  Development 
James  Kalbach,  Director,  Online  Services 
Stephanie  Gutierrez,  Online  Account  Manager 
Debbie  Lovell,  Online  Account  Manager 
Kristin  Douglas,  Online  Operations  Manager 
Internet:  adoucette,  jkalbach,  sgutierrez,  dlovell, 
kdouglas@nww.com 
(610)  341-6025/FAX:  (610)  971-0557 

MARKETPLACE 

Response  Card  Decks/MarketPlace 

Richard  Black,  Director  of  Marketplace 
Karima  Zannotti,  Senior  Account  Manager 
Enku  Gubaie,  Senior  Account  Manager 
Amie  Gaston,  Account  Manager 
Chris  Gibney,  Sales  Operations  Coordinator 
Internet:  rblack,  kzannott,  egubaie,  agaston, 
cgibney@nww.com 
(508)  460-3333/FAX:  (508)  460-1192 

IT  CAREERS 

Director,  Nancy  Percival,  East  Regional  Manager,  Deanne 
Holzer,  Midwest/West  Regional  Manager,  Laura  Wilkinson, 
Sales/Marketing  Associate,  Joanna  Schumann  (800)  762- 
2977/FAX:  (508)  875-6310 
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countries.  Ninety  million  people  read  one  or  more  IDG  publi¬ 
cations  each  month.  Network  World  contributes  to  the  IDG 
News  Service,  offering  the  latest  on  domestic  and  interna¬ 
tional  computer  news. 
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Enterasys  challenges  Cisco  in  router  arena 


Enterasys'  router  rally 


Enterasys  is  making  a  run  at  Cisco’s  access  and  central-site  routers  with  a  lineup  of 
integrated  firewall/VPN  routers.  The  company  says  intrusion-detection  features  are 
coming  in  the  fall. 


If  Model 

Firewall  throughput 

VPN  performance 

Price 

Availability  ] 

XSR-3020 

200,000  packet/sec 

1,000  tunnels 

$6,000 

September 

XSR-3150 

400,000  packet/sec 

3,000  tunnels 

$7,200 

July 

XSR-3250 

400,000  packet/sec 

3,000  tunnels 

$10,000 

July 

XSR-4100 

500,000  packet/sec 

5,000  tunnels 

$16,000 

September 

M  BY  PHIL  HOCHMUTH 

Enterasys  Networks  this  week 
is  scheduled  to  introduce  a 
handful  of  access  routers  de¬ 
signed  to  help  users  combine 
multiple  security  and  WAN  con¬ 
nectivity  functions  in  one  box. 

Aimed  at  Cisco’s  2600,  3700 
and  7000  series  boxes,  the  XSR 
routers  —  XSR-3020,  3150  and 
3250  —  are  targeted  at  sites  from 
small  and  midsize  branch 
offices  to  large  central  offices. 
Also  on  tap  is  the  XSR-4100, 
aimed  at  central-site  VPN  and 
WAN  link  aggregation. 

Features  in  the  XSR  boxes 
could  help  users  more  easily 
deploy  VPNs,  firewalls  and  even¬ 
tually  intrusion  detection  to 
remote  and  central  offices, 
Enterasys  says.  By  combining 
these  functions  into  a  one  WAN 


device,  the  company  says  it 
hopes  to  eliminate  the  need  to 
deploy  separate  appliances  for 
each  function. 

With  the  new  routers  capable 
of  1,000  to  5,000  VPN  tunnels 
and  higher-speed  throughput, 
Enterasys  is  going  after  Cisco  in 
the  enterprise  router  market. 

“No  one  has  really  challenged 


Cisco  in  the  [enterprise  router] 
market  for  at  least  three  years,” 
says  Lawrence  Orans,  a  senior 
analyst  at  Gartner.  According  to 
Gartner,  Cisco  has  more  than  80% 
market  share  in  access  routing. 

“There  is  some  percentage  of 
businesses  that  want  an  alterna¬ 
tive,”  Orans  says.“Just  by  showing 
up,  Enterasys  will  make  some 


inroads  in  the  market.  If  they 
execute  well  and  have  a  good 
price,  they  could  do  even  better.” 

Enterasys  uses  several  existing 
technologies  in  the  XSR  line.  For 
VPNs,  it  combines  technology 
from  its  Aurorian  VPN  gateway 
product  line  (acquired  in  the 
2001  buyout  of  Indus  River).  En¬ 
terasys  also  uses  firewall  soft¬ 


ware  developed  internally  on 
the  boxes. 

In  the  fourth  quarter,  Enterasys 
says  the  XSR  product  family  also 
will  support  intrusion-detection 
technology  used  on  the  compa¬ 
ny’s  Dragon  IDS  appliance  and 
software  products,  which  was 
acquired  from  Network  Security 
Wizards  in  2000.  Enterasys  also 
plans  to  include  support  for  Ses¬ 
sion  Initiation  Protocol  for  sup¬ 
porting  VoIP  in  the  fourth  quarter. 

The  XSR  line  will  use  the  VPN 
client  in  Windows  2000  and  XP 
unlike  the  Aurorian  VPN  gear, 
which  uses  a  proprietary  client. 
The  XSR  routers  will  interoper¬ 
ate  with  the  VPN  gear  on  a  site- 
to-site  basis,  but  remote  access 
users  will  need  the  Aurorian  or 
Windows  VPN  clients  to  connect 
to  sites  running  the  respective 
gear.  ■ 


What's  ahead  for  3Com? 

The  firm’s  re-energized  push  into  large  corporations 
will  hinge  on  several  factors: 


Reputation:  After  3Com  pulled  out  of  the  large-enterprise  chassis 
router  and  switch  market  in  2000,  many  customers  soured  on  the 
vendor.  Getting  back  credibility  with  large  IT  buys  will  be  crucial. 

Litigation:  3Com’s  large  enterprise  strategy  relies  heavily  on  its  joint 
venture  with  Huawei,  which  is  being  sued  by  Cisco  for  patent  and 
copyright  infringements.This  could  spook  enterprise  IT  professionals. 

Integration:  3Com’s  product  portfolio  is  a  mingled  assortment  of 
small  to  midsize  business  LAN  IP  telephony  gear,  VoIP  products 
from  its  former  CommWorks  carrier  group,  and  now  resold  switches 
and  routers  from  Huawei.  How  does  it  all  fit  together? 


3Com 

continued  from  page  1 

Ethernet  and  quality  of  service. 

3Com  also  is  expected  to  an¬ 
nounce  advancements  in  its 
Extendable  Resilient  Networking 
(XRN)  technology,  which  lets 
customers  tie  together  smaller 
switches  with  high-speed  trunks 
—  an  architecture  the  company 
has  touted  as  being  superior  to 
large  LAN  chassis.  New  to  XRN 
will  be  the  ability  to  have  3Com 
SuperStack  4000  series  Gigabit 
Ethernet  switches  linked  via  XRN 
beyond  the  previous  300-foot 
limit  to  distances  of  up  to  2  miles. 
This  could  let  companies  manage 
boxes  in  multiple  buildings  as  a 
single  device, 3Com  says. 

The  Switch  7700  will  be  tested 
this  month  at  the  State  of  Louisi¬ 
ana  Court  System  in  Baton  Rouge, 
which  uses  a  backbone  of  3Com 
4924  fixed-configuration  Gigabit 
switches,  linked  with  XRN  for  re¬ 
dundancy  The  box  could  be  used 
as  a  replacement  backbone  for 
the  court  system’s  existing  LAN  or 
for  building  new  facilities,  says 
Freddie  Manint,  head  of  criminal 
justice  IS. 

The  Switch  7700  will  compete 
with  products  such  as  Cisco’s 
Catalyst  6500,  Extreme  Networks’ 
BlackDiainond  and  Foundry  Net¬ 
works'  Fast  Iron  chassis  switches. 
While  3Com  has  not  discussed 
pricing  for  the  7700,  Manint  says 
he  expects  the  switch  will  cost, on 
average,  around  10%  to  25%  less 
than  competing  products,  based 
on  conversations  with  3Com. 


Regarding  3Com’s  re-emer- 
gence  into  large  enterprise  chas¬ 
sis  switching,  Manint  says  he  has 
no  reservations  about  working 
with  3Com. 

“3Com  didn’t  get  out  of  the  mar¬ 
ket  altogether)  he  says.“lf  they  had 
just  vanished  then  tried  to  re- 
emerge  like  this,  I’d  be  more  skep¬ 
tical  of  them.  But  we’ve  had  great 
experiences  with  3Com.” 

Going  forward  in  its  enterprise 
product  push,  3Com  faces  daunt¬ 
ing  challenges,  observers  say  First 
is  assuring  large-enterprise  IT  pro¬ 
fessionals  that  they  can  rely  on 
the  company  to  maintain  its  LAN 
core  and  that  they  won’t  see  a  re¬ 
peat  of  3Com’s  enterprise  switch 
market  exit  in  2000.  Another  will 
be  dealing  with  potential  legal 
risks  3Com  is  involved  in  regard¬ 
ing  Cisco’s  pending  intellectual 
property  lawsuit  against  Huawei, 
which  makes  the  gear  3Com  will 


sell  in  the  U.S.and  abroad. 

3Com  CEO  Bruce  Claflin  said  in 
March  that  the  company  is  exam¬ 
ining  all  products  it  will  resell 
from  Huawei  to  ensure  that  they 
do  not  violate  the  intellectual 
property  He  has  said  that  3Com’s 
large  enterprise  strategy  will  in¬ 
volve.  LAN  switch  products  from 
its  Huawei  joint  venture  and 
3Com’s  existing  network  portfolio, 
along  with  carrier-class  VoIP  and 
IP  telephony  products  from  its  for¬ 
mer  CommWorks  carrier  arm. 

“As  we  go  forward,”  Claflin  said, 
“we’ll  demonstrate  that  we’re  a 
Tier  1  networking  company  that 
has  a  broad  line  of  products  for 
businesses  of  all  sizes.” 

Cisco  filed  suit  against  Huawei 
earlier  this  year,  saying  the  com¬ 
pany  violated  software  patents  by 
copying  parts  of  Cisco’s  IOS  soft¬ 
ware  and  plagiarizing  Cisco’s  on¬ 
line  documentation. 


The  U.S.  District  Court  for  the 
Eastern  District  of  Texas  last  week 
issued  a  preliminary  injunction 
that  said  Huawei  cannot  sell  its 
router  operating  system  contain¬ 
ing  technology  derived  from  Cis¬ 
co’s  Enhanced  Interior  Gateway 
Routing  Protocol  (EIGRP)  source 
code.  Huawei  also  must  stop  dis¬ 
tributing  online  help  files  and 
manuals  that  are  substantially 
similar  to  Cisco  documentation. 
The  injunction  was  issued  while 
the  court  considers  other  aspects 
of  the  patent  infringement  claims. 

Huawei  said  the  ruling  would 
not  affect  its  business  or  its  ven¬ 
ture  with  3Com. 

“Nothing  in  the  preliminary 
injunction  relates  at  all  to  new 
versions  of  the  products,”  Huawei 
said  in  a  written  statement  after 
the  ruling.  “Before  Cisco  initiated 
its  legal  action  against  Huawei, 
the  company  had  already  taken 
good  faith,  voluntary  action  to 
proactively  remove  from  the  U.S. 
market  the  obsolete  products  out¬ 
lined  in  the  injunction." 

“Without  a  doubt,  it’s  a  limited 
victory  for  Cisco,”  says  Lee  Brom¬ 
berg,  senior  partner  and  founder 
of  Bromberg  and  Sunstein,  a 
Boston  law  firm  specializing  in  IT 
intellectual  property  litigation. 

3Com  last  week  got  involved  in 
the  case  after  the  Texas  court 
issued  the  ruling.  The  company 
filed  a  motion  to  intervene  in  the 
case,  effectively  jumping  in  the 
same  boat  with  Huawei  for  all 
related  court  proceedings. 

“3Com  feels  they’re  already  in 
the  line  of  fire,”  Bromberg  says.“As 


long  as  that’s  the  case,  3Com’s 
strategy  seems  to  say,  ‘Let’s  get  in 
there  and  help  put  forward  the 
best  case  possible,”’ against  Cisco. 
Bromberg  says  that  while  the 
near-term  implications  of  the 
injunction  shouldn’t  affect  3Com- 
Huawei  business,  any  broader 
findings  of  patent  infringements 
by  Huawei  could  come  back  to 
haunt  3Com  as  it  begins  to  offer 
more  gear  from  the  vendor. 

For  now,  there  shouldn’t  be  any 
legal  caveats  regarding  the  tech¬ 
nology  in  the  Switch  7700,  says 
Zeus  Kerravala,  an  analyst  at  The 
Yankee  Group.  The  box  is  a  LAN 
switch,  not  a  router,  and  will  not 
incorporate  functions  such  as 
Cisco’s  EIGRP  However,  the 
release  of  the  7700  “is  a  bit  of  deja 
vu  for  3Com,”  he  says,  because  the 
product  is  similar  to  its  former 
CoreBuiider  offerings.  But  the 
product  was  the  result  of  cus¬ 
tomer  demand. 

“When  3Com  restructured  its 
business,  it  focused  on  stackable 
switches  for  [small  to  midsize 
businesses]  and  the  enterprise 
LAN  edge,”  Kerravala  says.  Now 
3Com  will  have  to  convince  cus¬ 
tomers  it  is  in  the  LAN  core  busi¬ 
ness  for  the  long  haul,  by  showing 
a  clear  road  map  and  delivering 
products  on  time.  And  it  is  in  a 
good  position  to  do  that,  he  adds. 

“Besides  Cisco,  3Com  is  the  only 
Tier  1  network  provider  that  has 
no  debt  and  cash  in  the  bank,” 
he  says.  ■ 
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Deal  tracker 


A  sampling  of  recent  acquisitions  and  proposed  deals  in  the  network/IT  market. 


Date 

Acquirer  Acquired 

Price 

June  6* 

Oracle 

PeopleSoft/enterprise  applications 

$5.1  billion 

June  2* 

PeopleSoft 

J.D.  Edwards/enterprise  applications 

$1.7  billion 

June  10 

Mercury  Interactive 

Kintana/IT  project  management 

$225  million 

June  4 

Palm 

Handspring/handheld  devices 

$169  million 

April  9 

Ciena 

WaveSmith  Networks/edge  switches 

$158  million 

May  16 

Alcatel 

TiMetra  Networks/edge  routers 

$150  million 

June  3 

General  Atlantic  Partners  and 
Cerberus  Capital  Management 

Baan  division  of  Invensys/enterprise 
applications 

$135  million 

May  13 

Tellabs 

Vivace  Networks/edge  switches 

$135  million 

June  6 

Vector  Capital 

Corel/office  applications 

$97.5  million 

May  14 

IBM 

ThinkDynamics/provisioning  software 

undisclosed 

Mergers 
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looking  for  revenue  enhance¬ 
ments,”  says  Roland  Van  der  Meer, 
a  partner  with  ComVentures,  a 
venture  capital  firm.“We  see  them 
putting  out  feelers.” 

The  biggest  factor  of  all,  experts 
say,  is  that  IT  budgets  are  starting 
to  steady  and  companies  are 
crafting  plans  for  strategic  spend¬ 
ing,  which  lets  vendors  follow  the 
money. 

“IT  budgets  are  stabilizing  and 
the  revenue  pipeline  is  more 
identifiable  as  vendors  see  what 
companies  need,”  says  Tony 
Aquilina,  a  principal  at  Stone- 
bridge  Technology  Associates,  an 
investment  banking  firm.  “Vend¬ 
ors  can  see  out  nine,  12,  15 
months  to  where  revenues  will 
come  from.  Just  recently,  compa¬ 
nies  like  Cisco  couldn’t  see  out  a 
month.” 

So  far  this  year,  there  have  been 
530  deals  involving  hardware  and 
software  vendors,  with  190  of 
those  disclosing  terms  for  a  total 
of  $18.4  billion,  according  to 
research  firm  FactSet  Mergerstat. 
That  pace  is  behind  last  years  624 
completed  deals  by  the  end  of 
May  although  the  total  valuation 
for  those  deals  was  only  $  1 1 . 1  bil¬ 
lion  for  246  of  the  acquired  com¬ 
panies  that  disclosed  pricing. 

The  heightened  activity  might 
not  completely  manifest  itself  in 
deals  for  another  12  to  18 
months,  especially  as  companies 
focus  on  due  diligence  in  evalu¬ 
ating  target  companies  in  the 
wake  of  corporate  financial  scan¬ 
dals  and  the  Sarbanes-Oxley  Act. 

But  factors  are  converging  that 
make  an  increase  in  acquisitions 
more  likely,  especially  in  crowded 
markets  such  as  security  storage, 
wireless,  management  and  net¬ 
work  hardware. 

Many  large  vendors  are  looking 
to  devise  new  strategies,  plug 
holes  in  product  lines  or  broaden 
portfolios. 

The  likes  of  Cisco,  EMC,  IBM, 
Microsoft  and  Symantec  are  see¬ 
ing  their  stock  prices  hover 
around  52-week  highs,  and  they 
have  cash  reserves,  both  of  which 
boost  purchasing  power.  And 
these  vendors  have  established 
distribution  channels  needed  by 
smaller  companies  that  find  it  dif¬ 
ficult  to  penetrate  corporate  IT. 

Also,  small  and  private  compa¬ 
nies  are  getting  products  into  the 
market  and  building  revenue, 
which  makes  them  attractive  to 
suitors  that  want  to  know  profits 
will  come  quickly  after  deals  are 
finalized. 

Security  software  is  one  area 


‘Proposed 

where  there  has  been  action,  and 
things  could  get  hotter. 

“The  large  security  companies 
are  looking  to  broaden  their  plat¬ 
forms,”  says  Gus  Tai,  a  partner  at 
venture  capital  company  Trinity 
Partners.“Customers  want  to  deal 
with  fewer  vendors.” 

In  April,  Network  Associates 
gained  intrusion-detection  capa¬ 
bilities  by  paying  $120  million  for 
Entercept  Security  and  $100  mil¬ 
lion  for  IntruVert  Networks. 

In  January,  Cisco  bought  intru¬ 
sion-detection  vendor  Okena  for 
$154  million  after  paying  $12  mil¬ 
lion  in  November  for  Psionic 
Software,  which  also  developed 
intrusion-detection  software. 

“Consolidation  is  sorely  needed 
in  security  because  there  is  too 
much  overlap  in  the  technology’ 
says  Pete  Lindstrom,  an  analyst 
with  Spire  Security 

Gartner  says  firewalls  and 
intrusion  detection  will  consoli¬ 
date  into  one  market  by  2006, 
with  small  companies  such  as 
NetScreen  Technologies,  which 
already  has  begun  to  consoli¬ 
date  the  two  technologies,  lead¬ 
ing  the  way 

Many  technologies  in  the  “secu¬ 
rity  ecosystem,” as  Lindstrom  calls 
it,  could  be  consolidated  under 
various  headings  such  as  vulnera¬ 
bility  management  and  threat 
management.Those  technologies 
include  policy  enforcement;  in¬ 
trusion  prevention;  spam  and 
content  filters;  patch  and  configu¬ 
ration  management;  and  antivirus 
software. 

Microsoft  last  week  bought 
antivirus  vendor  GeCAD 
Software  and  plans  to  use  the 
technology  in  its  security  prod¬ 
ucts.  Lindstrom  also  says  don’t 
rule  out  Computer  Associates  or 
IBM  making  purchases,  or  cash- 
flush  security  vendors  such  as 
NetlQ,  Symantec  or  even  histori¬ 


cally  stingy  Check  Point. 

Network  equipment  also  could 
see  a  surge  in  action.  Three  big 
acquisitions  this  year  point  to 
consolidation  in  the  edge  router 
area  as  vendors  migrate  cus¬ 
tomers  from  circuit-based  to 
packet-based  infrastructures. 

In  May  Alcatel  acquired  TiMetra 
Networks,  a  privately  held  maker 
of  edge  routers,  for  $150  million. 
The  previous  month,  Tellabs  ac¬ 
quired  edge  switch  maker  Vivace 
Networks  for  $135  million  and  Ci¬ 
ena  grabbed  privately  held  multi¬ 
service  edge  switch  maker  Wave- 
Smith  Networks  for  $158  million. 

“Vendors  found  themselves  ex¬ 
posed  in  this  area;  they  didn’t 
have  product  or  weren’t  compet¬ 
ing  in  the  edge  switch/router  mar¬ 
ket,”  says  Pete  Wagner,  co-manag- 
ing  partner  at  venture  capital  firm 
Accel  Partners,  which  had  an 
investment  in  TiMetra. 

In  addition,  rumors  are  rife  that 
the  Fiber  to  the  Premises  specifi¬ 
cation, which  is  designed  to  lower 
the  cost  of  stringing  fiber-based 
broadband  to  the  home,  could 
touch  off  a  round  of  consolida¬ 
tion  as  carriers  ask  large  network 
equipment  vendors  to  support 
the  service.  Alcatel,  Cisco,  Lucent 
and  Nortel  could  be  looking  to 
snap  up  small  makers  of  passive 
optical  networking  (PON)  gear. 
The  chatter  earlier  this  month  at 
SuperComm  was  that  Lucent  was 
courting  Quantum  Bridge 
Communications,  which  would 
only  say  it  is  in  discussions  with 
several  companies.  Other  PON 
vendors  include  FlexLight 
Networks,  Paceon,  Salira  Optical 
Network  Systems  and  TeraWave. 

Storage  is  another  area  perhaps 
poised  for  consolidation,  where 
persistent  acquisition  rumors  dog 
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EMC  and  Legato  Systems,  in  par¬ 
ticular.  Last  year’s  run  by  vendors 
such  as  Broadcom,  Cisco,  EMC, 
IBM  and  Veritas  Software  to  ac¬ 
quire  storage  resource  manage¬ 
ment  start-ups  could  be  followed 
by  interest  in  the  new  hot  tech¬ 
nology  —  time-based  backup 
and  recovery  —  and  vendors 
such  as  FilesX,  Revivio,  Storage- 
Tek, TimeSpring  and  Vyant. 

Rich  Napolitano,  vice  president 
of  the  data  services  platform 
group  for  Sun,  which  acquired  his 
former  company  Pirns  Networks, 
last  September,  says  those  start¬ 
ups  will  face  what  every  new¬ 
comer  faces:  “Nobody  is  going  to 
buy  anything  from  a  start-up  right 
now  with  dubious  potential  for 
additional  fundraising.” 

The  wireless  industry  could 
face  the  same  challenge. 

“Wireless  is  seeing  a  healthy 
amount  of  low-value  transac¬ 
tions,  those  below  $50  million. 
The  higher-value  deals  will  take 
time,”  says  Rajeev  Chand,  senior 
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equity  analyst  for  wireless  at 
investment  bank  Rutberg  and  Co. 
Cisco  has  made  the  largest  wire 
less  deal  this  year,  acquiring 
Linksys  in  March  for  $500  million. 

“If  you  are  a  public  company, 
now  is  a  great  time  to  buy 
because  a  lot  of  private  compa¬ 
nies  have  technology  they  have 
revenue,  but  they  are  struggling  to 
get  funding,”  Chand  says. 

Another  active  area  is  software 
designed  to  manage  corporate 
data  centers.  IBM,  Microsoft,  Sun 
and  Veritas  have  made  recent  ac¬ 
quisitions  to  bolster  their  moves 
into  utility  computing  platforms. 

“There  are  vendors  here  with  a 
lot  at  stake  because  they  think 
[utility  computing]  is  strategic  to 
their  business,”  Accel’s  Wagner 
says.  “Controlling  the  enterprise 
data  center,  from  a  software  infra¬ 
structure  point  of  view,  is  a  big 
deal.” 

“Deal”  could  be  the  operative 
word  over  the  course  of  the  next 
18  months. 

“There  are  a  lot  of  dynamics  at 
work  here,”  says  Lenley  Han- 
sarling,  group  vice  president  of 
product  management  for  J.D. 
Edwards.  He  says  his  company 
entered  into  a  deal  with  People- 
Soft  because  it  saw  consolidation 
coming  and  wanted  to  be  a  first 
mover  to  best  position  itself.  “It 
looks  like  we  might  be  at  the  bot¬ 
tom  on  the  tech  downturn,  and 
that  means  companies  are  look¬ 
ing  at  the  prospect  of  prices  for 
companies  going  higher.  There  is 
maturation  in  high  tech, and  as  an 
industry  matures  there  is  consoli¬ 
dation,”  he  says. 

Network  World  staffers  Deni  Con¬ 
nor;  John  Cox,  Denise  Dubie,  Jim 
Duffy,  Tim  Greene  and  Ellen  Mess- 
mer  contributed  to  this  report. 
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Mark  Gibbs 


Unintended  consequences 


hen  technologies  such  as 
cloning  or  stem  cell  therapy 
come  up,  America’s  getting 
smart  —  we  usually  don’t  ask  whether 
we  can  do  it  but  rather  if  we  should. 
We  seem  to  have  learned  that  tech¬ 
nologies  like  these  most  likely  will 
cause  problems  we  don’t  expect. 

This  view  is  elegantly  framed  by  the  Law  of  Un¬ 
intended  Consequences,  which  can  be  summarized 
“the  result  of  our  actions  is  almost  never  what  we 
intend.” 

But  it’s  not  just  the  consequences  of  these  ground¬ 
breaking  technologies  that  we  should  be  concerned 
about;  there  are  plenty  of  less  obvious  technologies 
of  which  we  should  be  just  as  wary 

Do  you  remember  in  the  movie  “Minority  Report” 
the  displays  in  the  stores  that  recognized  people 
and  directed  a  personalized  message  at  them  such 
as:“Welcome  back,  Bob.  Because  we’re  pleased  to 
see  you  again  for  today  only  you  get  10%  off  any¬ 
thing  in  power  tools!”? 

The  technologies  to  make  this  possible  are, 
whether  you  like  it  not,  just  around  the  corner.  A 
company  just  demonstrated  what  it  calls  a  Hyper¬ 
sonic  Sound  System  that  can  project  an  audio  zone 
about  12  inches  in  diameter  over  a  couple  of  hun¬ 
dred  feet.  In  that  zone  you  can  hear  the  projected 


sound  with  incredible  clarity  despite  noisy  surround¬ 
ings. 

How  about  those  amazing  displays?  Many  compa¬ 
nies  are  working  on  Organic  Light-Emitting  Diodes, 
which  can  be  used  to  create  huge,  cheap,  flexible 
displays  that  can  even  be  wrapped  around  curved 
surfaces. 

The  consequences  of  these  technologies  will  be 
less  peace  and  more  noise,  less  elegance  and  more 
stimulation,  less  experience  and  more  image.  Don’t 
like  this  scenario?  Tough.  Cities  are  going  to  get  even 
uglier,  and  it  can’t  be  stopped. 

GPS  required 

Here’s  another  application  of  technology  that 
could  be  dreadful  in  its  consequences: There  is  a 
proposal  by  the  Oregon  Department  of  Transpor¬ 
tation  to  require  cars  in  the  state  to  have  Global 
Positioning  Systems  (GPS)  installed  so  the  state 
can  log  who  went  where,  and  then  impose  a  road- 
use  tax. 

The  reason  is  Oregon’s  gasoline  tax  revenue  is  fall¬ 
ing  and  rather  than  increase  that  tax  (which  would 
be  immensely  unpopular),  they’d  like  to  find  a  new 
source  of  funds. 

There  are  many  good  reasons  to  look  for  greater 
information  about  car  use.  Given  the  scale  of  our 
country  and  the  size  and  mobility  of  the  population 


there’s  no  doubt  that  a  lot  of  crime  could  be  pre¬ 
vented  or  solved  if  we  knew  the  detailed  move¬ 
ments  of  vehicles. 

But  what  other  questions  could  be  asked  of  the 
proposed  Oregon  system  other  than  how  far  did  Bill 
Smith  travel  on  state  roads?  How  about,  where  has 
Bill  Smith  been  and  when?  What  other  cars  were  in 
the  same  area  as  Smith’s?  What  route  did  he  take? 
How  fast  was  he  going  —  oh,  70  in  a  55  zone?  We’ll 
send  him  a  ticket!  And  where  is  he  now?  Next  thing 
we  know  lawyers  will  be  subpoenaing  the  GPS  data 
for  divorce  cases. 

Driving  is  not  a  right  but  a  privilege  so  there’s  a  lot 
of  logic  in  greater  regulation  of  vehicle  use.  But 
those  pesky  issues  of  privacy  and  liberty  are 
involved,  and  the  mismatch  between  our  need  for 
law  and  order  and  what  we  think  of  as  our  freedoms 
make  such  logic  difficult  to  defend. 

So  would  I  object  to  one  of  these  systems  reporting 
on  my  driving?  You  bet!  I  have  nothing  to  hide  but  I 
simply  don’t  trust  my  fellow  man  —  particularly  in 
the  guise  of  raving  bureaucrats  —  to  be  fair,  honor¬ 
able,  discreet  and  respectful  of  my  privacy  And 
there’s  no  amount  of  technology  that’s  going  to 
change  that. 

Cries  of  “ mind  your  own  business”  to  backspln 
@gibbs.com. 
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News,  insights,  opinions  and  oddities 


By  Paul  McNamara 


Think  horses  and  water 

You  can  lead  a  PC  user  to  a  nifty 
productivity  tool,  but  you  can't  make 
him  invest  the  time  and  effort  needed  to  reap  the  rewards. 

This  is  true  especially  of  trade-press  columnists  who  don't  like  to  change 
their  work  habits. 

User  inertia  is  one  major  challenge  facing  ActiveWord  Systems,  a  speck  of  a 
company  in  Winter  Park,  Fla.,  whose  faithful  customers  swear  by  the  benefits 
of  a  productivity  application  called  ActiveWords  SE.  Another  is  that  the  tool 
really  needs  to  be  seen  —  if  not  tried  —  to  be  appreciated. 

In  a  nutshell,  it  lets  you  create  and  organize  a  personal  library  of  trigger 
words,  each  of  which  will  launch  a  defined  action  when  typed  in  any  Windows 
application  at  any  time.The  productivity  comes  from  saving  seconds  or  min¬ 
utes  every  time  you  use  one  of  your  words  to  do  something  like  create  an 
e-mail  message,  skip  from  Word  to  a  Web  page,  or  spit  out  a  string  of  boiler¬ 
plate  text,  instead  of  doing  these  things  keystroke  by  keystroke. 

The  first  time  I  saw  the  product  was  in  February  at  Demo  2003,  and  it  looked 
so  useful  that  I  promised  myself  to  give  it  a  try.  A  few  months  later,  company 
founder  Buzz  Bruggeman  —  a  technology  evangelist  whose  enthusiasm  alone 
should  make  this  product  a  hit  —  walked  me  through  a  Web  tutorial. 

I  started  to  assemble  my  personal  library  task  by  task,  word  by  word. 

It  was  easy.  It  was  fun.  It  felt  right. 

But,  alas,  it  wasn't  long  before  I  had  slipped  into  my  old  ways  of  doing  things. 
It  just  didn't  stick,  so  ActiveWords  is  no  longer  part  of  my  workday. 

However,  such  is  not  the  case  with  Chris  Shipley,  who  is  executive  producer 
of  D>.  mo  and  a  colleague  in  that  Network  World  owns  IDG  Executive  Forums, 
which  runs  that  technology  conference. 

ActiveWords  has  its  idiosynchrocies,  but  beyond  them  I  do  find  this  the 


most  useful  utility  since  I  wrote  a  bunch  of  save/get  macros  in  1985,"  Shipley 
says.  “Zealous  computerists  will  find  ways  to  make  ActiveWords  do  every¬ 
thing  for  them. 

“As  for  me,  I  use  ActiveWords  to  create  a  dozen  standard  messages,  signatures 
and  the  like  to  answer  the  repetitive  questions  that  flood  my  in-box.  I  can  add 
paragraphs  of  text  to  a  message  and  documents  in  three  keystrokes.  Basically, 
ActiveWords  lets  me  add  an  edge  of  professionalism  and  detail  to  documents  and 
e-mail  that  I  couldn’t  otherwise  mount  at  the  speeds  at  which  I  usually  work.” 

ActiveWords  costs  only  $10  today,  although  that's  jumping  to  $20  on  June  30. 
Either  way,  it’s  small  change  to  find  out  whether  you'll  have  Shipley’s  experi¬ 
ence  or  mine. 

More  cell-phone  madness 

Confronting  the  painful  truth  that  too  many  people  today  —  especially 
teenagers  —  simply  don’t  get  enough  television,  Samsung  has  stepped  into  the 
breach  with  a  cell  phone  that  delivers  local  VHF  and  UHF  channels  to  handset 
users  for  no  extra  service  charge. 

Now  in  addition  to  chatting  animatedly  with  whomever,  that  lost-in-space  dri¬ 
ver  inching  into  your  lane  at  75  mph  will  be  watching  a  ballgame  or  a  soap 
opera  on  a  screen  the  size  of  postage  stamp. 

Sadly,  though,  this  breakthrough  technology  will  be  available  immediately  only 
in  South  Korea.  Samsung  says  it  has  no  plans  to  sell  the  handset  abroad,  a 
position  that  ought  to  change  about  10  minutes  after  the  first  U.S.  teen  visiting 
Seoul  gets  his  or  her  hands  on  one. 

You  say  this  isn’t  your  idea  of  progress? 

Well,  perhaps  you  can  take  heart  in  the  handset's  price  —  700,000  won  — 
which  likely  will  discourage  all  but  the  silver-spoon  crowd. 

That's  $500  to  your  kid. 

Care  to  correspond  with  the  curmudgeon?  The  address  is  buzz@nww.com. 


An  increasingly  mobile  workforce 
opens  your  network  up  to  a  host  of  threats, 
both  accidental  and  intentional. 


The  only  place  to  securely  meet  the  challenges  that  a  mobile 
workforce  brings  to  a  network  is  at  the  point  where  people  connect. 
The  HP  ProCurve  Adaptive  EDGE  Architecture  affordably  puts 
intelligence  and  control  at  the  edge  of  the  network,  giving  you  the 
power  to  easily  adapt  to  future  needs  as  new  wired  and  wireless 
mobility  solutions  are  implemented. 

With  industry-standard  switches  like  the  HP  ProCurve  5300x1  series, 
you  can  cost-effectively  deploy  user  and  security  applications  at  the 
point  of  connection.  It  immediately  recognizes  the  user  and  the  types 
of  services  and  access  they  are  permitted  to  have,  preventing 
unauthorized  traffic  and  potential  threats. 

Free  Network  Design,  To  schedule  a  free  network  design  and  to 
learn  how  HP  ProCurve's  affordable  solutions  can  help  you  meet 
current  and  future  needs  for  mobility,  security  and  convergence, 
call  1-800-975-7683  or  visit  hp.com/go/procurve. 


hp  procurve 
5372x1 
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SUN  FIRE™  V60X  SERVER: 

>  INTEL  XEON  2.8  GHZ  PROCESSOR 

>  RUNS  SOLARIS™  9  OS  FOR  X86  OR  RED  HAT®  ENTERPRISE  LINUX®  ES 


$2450. 


SUN  FIRE  V210  SERVER: 

>  RACK-OPTIMIZED,  ULTRASPARC®/ SOLARIS  OS 

>  INTEGRATED  WITH  AWARD-WINNING  SUN™  ONE  MIDDLEWARE 


$2,995. 


f 


SUN  STOREDGE™  3310  SCSI  ARRAY: 

>  HIGH-DENSITY,  MODULAR  STORAGE 

>  HIGH  AVAILABILITY  CONFIGURATIONS 

$6,995. 

SUN  FIRE  BlOO  BLADE  SERVER: 

>  ULTRASPARC  OR  X86  PROCESSOR 

>  RUNS  SOLARIS  8,  9,  OR  RED  HAT  ENTERPRISE  LINUX  ES* 

$1,795. 


THE  LOW  COST  MOVE  IS  ON 


IRASPARC  blades  run  Solans  8  and  9,  x86  blades  run  Solans  9  for  x86  and  Red  Hat  Enterprise  Linux  once  certified,  Summer  2003. 
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